[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: kpasswd




On Friday, October 17, 2003, at 03:35 PM, Howard Chu wrote:

Password {SCHEMES} in the userPassword attribute are only for use with LDAP
Simple Bind, not for SASL Binds. This whole thread has been about using
Kerberos passwords with Simple Binds, why it's a bad idea, and how to do it
if you're OK with doing something unwise.


If your clients are already using SASL Binds, then you can safely ignore
every email in this thread.


Yes, this is about allowing simple binds. I encourage clients to use GSSAPI SASL binds if they can, but I have also needed to support simple binds. I'm trying to make this {SASL} password thing work, since the {KERBEROS} scheme is being dropped.

Allan