[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP v3 and Referrals


Chaging the suffix doesn't work better.

the answer is in a great document i found here :

with LDAPv3, clients using simple or "plain text" bind can't chase referrals.

So i have to use OpenLDAP with a "strong" authentication mechanism.
As i don't really want to set up a complex SASL + kerberosV ... i have to use LDAPv2 :((

However, i'm asking if setting up "SASL+PAM" will be easier than SASL + kerberos
and if "SASL+PAM" bind method is sufficient to allow automatic chasing ...

Concerning the DEREF directive, you're right. This deals with ALIAS and not REFERRALS.

Christophe Chaloin

> > 
> > slapd.conf file looks like this on each server :
> I think the suffix for server B should be:
> suffix: o=subtree,o=top
> ---
> Another question:
> DEREF always 
> only has to do with aliases, and NOT with referrals, is my 
> understanding correct ?
> Thanks,
> ace