repost: what makes client use mech=SIMPLE?

[Klavs Klavsen <kl@vsen.dk>]

Hi,

I asked this before, but appearently no one took notice - or no one knows :(

I have many ubuntu 8.04 clients which all work fine with my ldap server.

I am now trying to connect a 10.04 client to the server - but login 
fails - and the only difference in output (in the debug file on the 
server) is the mech=SIMPLE line in the client that works.

The one that works:
Aug  4 10:21:36 ldap01 slapd[3077]: conn=1439319 op=1 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Aug  4 10:21:36 ldap01 slapd[3077]: conn=1439319 op=2 BIND anonymous 
mech=implicit ssf=0
Aug  4 10:21:36 ldap01 slapd[3077]: conn=1439319 op=2 BIND dn="cn=Klavs 
Klavsen,ou=People,dc=example,dc=net" method=128
Aug  4 10:21:36 ldap01 slapd[3077]: conn=1439319 op=2 BIND dn="cn=Klavs 
Klavsen,ou=People,dc=example,dc=net" mech=SIMPLE ssf=0
Aug  4 10:21:36 ldap01 slapd[3077]: conn=1439319 op=2 RESULT tag=97 
err=0 text=

The one that fails:
Aug  4 10:19:20 ldap01 slapd[3077]: conn=1439273 op=1 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Aug  4 10:19:20 ldap01 slapd[3077]: conn=1439273 op=2 BIND anonymous 
mech=implicit ssf=0
Aug  4 10:19:20 ldap01 slapd[3077]: conn=1439273 op=2 BIND dn="cn=Klavs 
Klavsen,ou=People,dc=example,dc=net" method=128
Aug  4 10:19:20 ldap01 slapd[3077]: conn=1439273 op=2 RESULT tag=97 
err=49 text=

Any idea what makes the client try binding with mech=SIMPLE? or perhaps 
a hint as to why the first "method=128" doesn't work?

I hope you have ideas :)

As to what I could find in the documentation method=128 (which they both 
use first) means SIMPLE-auth - so it "should" be the same they are 
doing.. obviously not - and "annoyingly" it's run over ldaps - so it's a 
bit harder to sniff :(

Thank you in advance

--
Regards,
Klavs Klavsen, GSEC - kl@vsen.dk - http://www.vsen.dk

"Those who do not understand Unix are condemned to reinvent it, poorly."
  --Henry Spencer