[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Authentication w/ Eudora & other clients

I'm not (yet) using SSL;  I wanted to tackle one issue at a time.  I've looked at the slapd debug output ("-d -1"), and have seen nothing illuminating.

-- Dean

>Date: Sat, 6 Jul 2002 08:02:36 -0400 (EDT)
>From: Frank Swasey <Frank.Swasey@uvm.edu>
>To: "Dean Gibson (Mail Adminstrator)" <postmaster@ultimeth.net>
>cc: openldap-software@OpenLDAP.org
>Subject: Re: Authentication w/ Eudora & other clients
>If you run slapd in debug mode, does it fail in the SSL connection?  Are you by any chance using a self-signed SSL certificate -- Windows doesn't like self-signed SSL certificates (although openldap 2.0.x works with them).
>Frank Swasey                    | http://www.uvm.edu/~fcs
>Systems Programmer              | Always remember: You are UNIQUE,
>University of Vermont           |    just like everyone else.
>                    === God Bless Us All ===
>>Date: Fri, 05 Jul 2002 09:47:13 -0700
>>To: openldap-software@OpenLDAP.org
>>From: "Dean Gibson (Mail Adminstrator)" <postmaster@ultimeth.net>
>>Subject: Authentication w/ Eudora & other clients
>>Sender: owner-openldap-software@OpenLDAP.org
>>I have OpenLdap 2.0.21 installed and working, including SASL authentication with ldapsearch and ldapmodify, which work as expected, accepting and rejecting users appropriately.  However, I have been unable to get the following LDAP clients (all of which supposedly have authentication capability) to obtain lookups from the LDAP server unless I specify:
>>access to * by * read
>>Here's the list of LDAP clients:
>>Eudora Pro 5.1;  free download at http://www.eudora.com
>>Softerra LDAP Browser 2.3;  free download at http://www.ldapadministrator.com/download/download.php
>>Java LDAP Browser/Editor 2.8;  shareware download at http://www-unix.mcs.anl.gov/~gawor/ldap/
>>Here's my actual access directives:
>>access to dn="^$"
>>                by *            read
>>access to dn=".*"
>>                by users        read
>>                by anonymous    auth
>>Has anyone gotten these clients to work successfully with SASL authentication?
>>-- Dean Gibson