[Date Prev][Date Next]
openldap + tls + sasldb = ?
Pardon my ignorance, but i'm setting up openldap with TLS support here,
and want to use a sasldb to authenticate users against.
right now, i have sasl + openldap working, so that non-tls connections
prompt me for a password, and it authenticates me against the sasldb.
however, when i use tls support, i am unable to get any response
from the server other than the generic local error, unless i specify
the '-x' option to ldapsearch, forcing it to use simple authentication
(AKA none). has anyone run into this problem before?
i've seen people using sasl + tls + kerberos, but kerberos seems overly
complicated for the task of authenticating users to a single service.
am i amazingly wrongheaded in thinking this?
Confused as always,
Justin Doiel <firstname.lastname@example.org>
(bitch at me if you want logs of it all breaking, i'm lazy at 3:00 AM. :)