[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Newbie conceptual issues (long)

fre, 05.03.2004 kl. 02.15 skrev Kevin:

> What are some other clients like GQ?  Anything that far 
> along or farther?  Anything that supports SASL?

Nothing like GQ, since it has schema browsing and you get to see all
about the objectclasses and attributes, syntax, OIDs ("what is syntax,
what is an OID?"), etc. you've loaded in your schemas. It will show you
quite violently when you make wrong choices and force you to ask
yourself: "WHY?" But there are many other clients available, some C++,
some PHP, some Java.

> But part of my problem with GQ is that I'm trying to 
> authenticate with SASL/GSSAPI and GQ doesn't support 
> it (or Kerberos, though it claims to on both).  I just 
> heard back from someone on their mailing list, and 
> there are no plans to make it work.  There is some 
> sort of skeleton for SASL in it, but it makes the app 
> crash when used.

There is no such animal as SASL. There are SASL mechanisms, such as
GSSAPI and DIGEST-MD5. The GQ developer(s) confess to not knowing
anything about them  and are too busy doing other things to learn.

> So, I can't modify the database with GQ, which is a 
> real bummer, and I suspect that drag-n-drop will 
> attempt to change records and things, no?

Yes :)

>   Maybe if I 
> disable authentication for the sake of learning.

You should do that anyway. I use SASL DIGEST-MD5 for almost everything I
can in Openldap, but there are many things I can't use it for. pam_ldap,
Postfix/Exim LDAP lookups, directory_administrator, PHP etc have no
concept of SASL binds and then you have to use TLS or Unix domain
sockets (ldapi) and simple binds. SASL mechanisms are kept for AUTH. GQ
supports TLS.

> > Try that (use the drag'n drop function liberally for
> > your data tree), then come back with a much shorter
> > list of questions!
> Thanks for the recommendation, Tonni (Tony?)

«Kjært barn har mange navn», say the Norwegians.



mail: billy - at - billy.demon.nl