[Date Prev][Date Next] [Chronological] [Thread] [Top]

SASL EXTERNAL TLS question



Requirement:

Use OpenLDAP with TLS, with server supplying digital certificate and "demand"ing client certificate.  Based on client certificate, bind the client application to an entry.

My progress thus far:

The two way certificate exchange and client authentication works.  

Problem:

I can't bind the client to an existing entry.

I understand that I need to use SASL external.  I just can't figure out how I use it.  I looked around everywhere on OpenLDAP, and I am quite sure that there is a small HOWTO somewhere that will describe exactly what needs to be done.  Can any kind soul point me to it?

I am using Connexitor Directory Services (CDS) from www.symas.com so the versions are:
OpenLDAP v2.1.x 
OpenSSL v0.9.x 
Cyrus SASL 2.x 
Heimdal Kerberos v0.4e 

Thanks for absolutely ANY help,
-Milind.