[Date Prev][Date Next]
Re: ldap_sasl_interative_bind_s error
Without a -x, the ldap* commands attempt to bind using SASL
authentication, rather than straight, cleartext password authentication.
If you want to use SASL authentication, you'll have to set it up.
IMHO, SASL is a worse than useless security system. It stores passwords
in cleartext and thinks it is improving security by allowing
authentication by passing, in cleartext, the MD5 hash of a password.
Unfortunately, SASL managed to get itself into the v3 LDAP spec.
Either always use the -x or recompile OpenLDAP --without-sasl.