[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SASL Authentication



At 12:18 PM 9/20/2004, Andreas Winkelmann wrote:
>Am Montag, 20. September 2004 15:16 schrieb Ammar T. Al-Sayegh:
>
>> I would like to set the SASL/DIGEST-MD5 as the
>> default authentication method when ldap commands
>> such as ldapwhoami and ldapsearch are used.
>> However, they insist on starting SASL/GSSAPI
>> authentication. Is there a way to fix this problem?
>
>Either delete the Lib in /usr/lib/sasl2 or configure the CLients to use it as 
>default. See ldap.conf(5) SASL_MECH for details.

Not sure SASL_MECH works properly (there was an issue
reported with it some time ago).  I suggest that for
those not wanting to support GSSAPI authentication,
that they configure Cyrus SASL without GSSAPI
support (or, if already reconfigured, simply remove
Cyrus SASL's GSSAPI plugin).  You might also be able
to mess with Cyrus SASL's config file for slapd(8).
For further information regarding my suggestions,
please see the Cyrus SASL documentation.

Kurt