[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP v3 and Referrals



Hi,

Chaging the suffix doesn't work better.

the answer is in a great document i found here :
ftp://kalamazoolinux.org/pub/pdf/ldapv3.pdf 

with LDAPv3, clients using simple or "plain text" bind can't chase referrals.

So i have to use OpenLDAP with a "strong" authentication mechanism.
As i don't really want to set up a complex SASL + kerberosV ... i have to use LDAPv2 :((

However, i'm asking if setting up "SASL+PAM" will be easier than SASL + kerberos
and if "SASL+PAM" bind method is sufficient to allow automatic chasing ...

Concerning the DEREF directive, you're right. This deals with ALIAS and not REFERRALS.


Thanks,
Christophe Chaloin

> > 
> > slapd.conf file looks like this on each server :
> 
> I think the suffix for server B should be:
> 
> suffix: o=subtree,o=top
> 
> ---
> 
> Another question:
> 
> DEREF always 
> only has to do with aliases, and NOT with referrals, is my 
> understanding correct ?
> 
> Thanks,
> ace