[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Don't want to be prompted for the password

Sadique Puthen wrote:

We are using SASL/DIGEST-MD5 for authentication to ldap database and don't want to be prompted for the password and need the password to be taken from a file. Can we specify it in /etc/ldap.conf globally or in .ldaprc individually?

See the ldap.conf(5) manpage for the definition of what is supported. OpenLDAP does not read passwords from ldap.conf or .ldaprc. Setting a password in a globally readable file is stupid, you may as well turn off security controls and just use anonymous then.

I expect it to work like SASL/GSSAPI when we run an ldapsearch after retrieving the ticket for the user. Is it possible?

See the ldapsearch(1) manpage. Your best bet is to use the '-y' option.

  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc
  OpenLDAP Core Team            http://www.openldap.org/project/