Hai Zaar wrote:
Why don't you just remove the SASL mechanisms you don't want? The SASL/EXTERNAL will always be there.
Does not look like that - if I set "sasl-secprops noanonymous,noplain,noactive" then heimdal-kdc, which uses SASL/EXTERNAL over slapi, fails to connect (removing 'noactive' solves that).
You're missing the point. Leave the sasl-secprops at their default setting and just remove the modules for the SASL mechanisms that you don't want to allow.