[Date Prev][Date Next]
Re: SASL mechanisms
On 2/20/06 11:36 AM, Andreas Hasenack wrote:
On Mon, Feb 20, 2006 at 09:33:46AM -0500, Francis Swasey wrote:
Having been bitten by someone installing a SASL mechanism on a server
that also is one of my LDAP servers which was not configured (it
happened to be Red Hat decided this mechanism is required to have
sendmail on the system, but it could have been another sys admin).. I
am wondering why we have to play with "sasl-secprops" to tell slapd what
types of mechanisms are not wanted.
Is there a problem with providing a "sasl-mechanisms" config option
that would list (GSSAPI, CRAM-MD5, etc) the specific mechanisms we
wanted to support?
That's a SASL configuration. Try creating this file:
mech_list: DIGEST-MD5 CRAM-MD5
List the SASL mechanisms you want slapd to offer. If you intend to offer
plain text mechanisms, then you will also have to use "sasl-secprops
none" in slapd.conf.
Ahha! I was looking in the wrong place... Thanks!
Frank Swasey | http://www.uvm.edu/~fcs
Sr Systems Administrator | Always remember: You are UNIQUE,
University of Vermont | just like everyone else.
"I am not young enough to know everything." - Oscar Wilde (1854-1900)