[Date Prev][Date Next]
Priority or restriction of SASL mechanisms
Just got upgraded to 2.2 from 2.0. I'm using the FC3 RPMs. One
behavioral change from 2.0 (which were modified RH RPMs from a couple
years ago) is that when doing an ldapsearch, the default SASL mechanism
is now MD5, whereas before it was GSSAPI (which is what I desire). If I
add '-Y GSSAPI' to the ldapsearch commandline, GSSAPI works gorgeous.
This seems a little strange since I haven't configured any MD5 mechanism
(is any required?), and don't run saslauthd.
I've hacked away the problem with an 'rpm -e --nodeps cyrus-sasl-md5'.
Kinda nasty (why does the RH openldap RPM even depend on that package,
Is there a way to restrict the list of SASL mechanisms or to put a
priority on them? Thanks for any advice.