[Date Prev][Date Next]
login using SASL
- To: openldap-software@OpenLDAP.org
- Subject: login using SASL
- From: Tomonari Hattori <email@example.com>
- Date: Thu, 06 May 2004 22:19:37 +0900
- User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; ja-JP; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)
Hi, I am planning to completely replace my old NIS server with OpenLDAP
server. So I have implemented some software for this purpose.
I am testing OpenLDAP-2.2.8 and cyrus-sasl-2.1.18 and nss_ldap-217 and
pam-ldap-169 on Redhat9.
I have read about ldapdb.c on this mailing list and succeeded in using it.
And this point, I have consern about security issue. LDAP server uses
SIMPLE auth by default, so I have implemented SASL also.
Now I can do ldapsearch or ldappasswd using SASL digest-md5
authentication(with -U option). It can be done from ldap-client via network.
But when I do console login or network login, it doesn't work.
When logged in, LDAP client is trying to contact server using SIMPLE
auth. How can I make login sesson to use SASL auth?
I think this is not related to pam_ldap or nss_ldap because OpenLDAP
uses SASL implicitly.
I habe added to slapd.conf;
but doesn't work...
Tomonari Hattori <firstname.lastname@example.org>