Turbo Fredriksson wrote:
"Howard" == Howard Chu hyc@symas.com writes:
>> So what's the point of having {SASL} in the userPassword then? Howard> No one ever said there was any point to it. Why are you Howard> using it if you don't understand what it's for?
I have no idea. It's been YEARS since I was 'taught' (?) to use it... I sat up 1.3.something-low (or was even earlier than that!?) and I haven't read a manual/doc about this in years... I've just taken my old db/config and did the absolutly nessesary changes to get it to work...
I don't know what planet you've been living on, but the last 1.x release of OpenLDAP was 1.2, there was no 1.3. And between 1.x and 2.3 huge volumes of new documentation have been written. You can operate with obsolete knowledge if you like, but it's smarter to read the docs that match the software revision you're working with.
Was {KERBEROS} required in userPassword?
Nothing is ever *required* in userPassword. Different things *may* be set in userPassword depending on what you want to accomplish.
Pretty sure I explained this to you several years ago. I won't bother to go thru it again.
http://www.openldap.org/lists/openldap-software/200206/msg00334.html
Howard> From the sound of it, yes, the SASL regexp worked as it Howard> should.
Oki, that looked reasonble and the only conclution I could draw from my experience..
But I'd _really_ like an explanation of the {SASL} 'thingie'...