[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Authentication w/ Eudora & other clients



I'm in the middle of reviewing LDAP browsers and Apps.  I noticed that
GQ, an open source browser has support for SASL and Kerberos (in the
Beta version) here is a url: http://biot.com/gq.  I didn't see anything
for sasl support in the LDAPAdministrator or Java LDAPBrowser.  

As far as SSL, the Java LDAPBrowser handled SSL the best, It just
prompted you whether or not you trust the certificate. 
LDAPAdministrator had you store the certificate with a Netscape 4.*
browser and then copy the certificate database over to the same
directory as LDAPAdministrator - yuck.  

Hope that helps.
Cameron


Cameron Morris
Novell, Inc., the leading provider of Net business solutions
http://www.novell.com 



>>> "Dean Gibson (Mail Adminstrator)" <postmaster@ultimeth.net>
07/06/02 10:35AM >>>
I'm not (yet) using SSL;  I wanted to tackle one issue at a time.  I've
looked at the slapd debug output ("-d -1"), and have seen nothing
illuminating.

-- Dean

>Date: Sat, 6 Jul 2002 08:02:36 -0400 (EDT)
>From: Frank Swasey <Frank.Swasey@uvm.edu>
>To: "Dean Gibson (Mail Adminstrator)" <postmaster@ultimeth.net>
>cc: openldap-software@OpenLDAP.org 
>Subject: Re: Authentication w/ Eudora & other clients
>
>If you run slapd in debug mode, does it fail in the SSL connection? 
Are you by any chance using a self-signed SSL certificate -- Windows
doesn't like self-signed SSL certificates (although openldap 2.0.x works
with them).
>
>-- 
>Frank Swasey                    | http://www.uvm.edu/~fcs 
>Systems Programmer              | Always remember: You are UNIQUE,
>University of Vermont           |    just like everyone else.
>                    === God Bless Us All ===
>
>>Date: Fri, 05 Jul 2002 09:47:13 -0700
>>To: openldap-software@OpenLDAP.org 
>>From: "Dean Gibson (Mail Adminstrator)" <postmaster@ultimeth.net>
>>Subject: Authentication w/ Eudora & other clients
>>Sender: owner-openldap-software@OpenLDAP.org 
>>
>>I have OpenLdap 2.0.21 installed and working, including SASL
authentication with ldapsearch and ldapmodify, which work as expected,
accepting and rejecting users appropriately.  However, I have been
unable to get the following LDAP clients (all of which supposedly have
authentication capability) to obtain lookups from the LDAP server unless
I specify:
>>
>>access to * by * read
>>
>>Here's the list of LDAP clients:
>>
>>Eudora Pro 5.1;  free download at http://www.eudora.com 
>>
>>Softerra LDAP Browser 2.3;  free download at
http://www.ldapadministrator.com/download/download.php 
>>
>>Java LDAP Browser/Editor 2.8;  shareware download at
http://www-unix.mcs.anl.gov/~gawor/ldap/ 
>>
>>Here's my actual access directives:
>>
>>access to dn="^$"
>>                by *            read
>>access to dn=".*"
>>                by users        read
>>                by anonymous    auth
>>
>>Has anyone gotten these clients to work successfully with SASL
authentication?
>>
>>-- Dean Gibson