[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: ldap traffic encryption with kerberos
Dave:
Can you tell me how to use ldapsearch to do the Kerberos authentication with the server, it looks like in my Solaris 8 machine the -M option only supports CRAM-MD5 so far.
And I found an samba source file sasl.c which has a function
static ADS_STATUS ads_sasl_gssapi_bind(ADS_STRUCT *ads) to do the kerberos authentication, however it mixes the usage of ldap_sasl_bind_s() and GSSAPI to do the job. You said there is a "net" example which uses GSSAPI only, can you enlighten me more on this?
Thx.
Kent
-----Original Message-----
From: Dave Snoopy [mailto:kingsnoopy7@yahoo.com]
Sent: Friday, May 09, 2003 10:04 AM
To: openldap
Subject: ldap traffic encryption with kerberos
When I use the ldapsearch tool, along with Kerberos
authentication with the server, I notice that the
traffic is encrypted.
I recently wrote my own tool that uses the same
openldap libraries. Following the Samba 3.0 "net"
example, I bypassed SASL and just use GSSAPI directly.
I am able to perform Kerberos authentication with the
server just fine, but for some reason my traffic is
*not* encrypted.
Does anyone have any idea why? Is there an option I
need to set for my LDAP connection, or this purely a
function of the lower level authentication/encryption
library (in this case Heimdal Kerberos)? If the
latter, does anyone have any ideas?
Thanks,
Dave
__________________________________
Do you Yahoo!?
The New Yahoo! Search - Faster. Easier. Bingo.
http://search.yahoo.com