Howard Chu hyc@symas.com wrote:
Of course you could always have checked the FAQ. http://www.openldap.org/faq/data/cache/944.html
Of course I did check the FAQ. Where do you think I find the idea of using {SASL}? Note that this FAQ entry does not tell that {SASL} should be followed by the login. Other FAQ entries that deal with SASL and kerberos tell about using authz-regex or sasl-regex, it took me a while to find a setup that actually works.
By the way, you told me the {SASL} scheme in userPassword was deprecated. How this should be done, then? Or did I misunderstood your statement?
As other posters have already indicated, there's plenty of information out there, and a search on simple keywords like "SASL" and "userpassword" would have been all that was necessary to find the answers in this case.
In order to type that keywords in a search engine, one must already know that the answer is about having the right thing in userPassword.
My statement above was an offer to help explain anything you might want explained. Frankly I have better things to do with my time than try to teach people who are so unwilling to learn.
I'm not unwilling to learn, it's just that I already found the answer for the problem about which I was telling my ftrustration. I'm sure nobody want to loose time answering already resolved questions.
But yes, if you post "Here's how to do X" and I see that there's something wrong, I will say it's wrong.
Now I'd by thankful to you if you could tell me why it's wrong, and what is the right way of doing what I've done.