26 Oct
2006
26 Oct
'06
7:41 a.m.
On Thursday 26 October 2006 09:48, Hai Zaar wrote:
Why don't you just remove the SASL mechanisms you don't want? The SASL/EXTERNAL will always be there
Does not look like that - if I set "sasl-secprops noanonymous,noplain,noactive" then heimdal-kdc, which uses SASL/EXTERNAL over slapi fails to connect (removing 'noactive' solves that).
I'm not talking about sasl-secprops but deinstalling the unneeded SASL mechanisms and leave only SASL/GSSAPI installed. Then you'll have SASL/GSSAPI and SASL/EXTERNAL, but SASL/EXTERNAL will only show up if you connect via ldapi or use SSL/TLS. I thought that's what you wanted.
Karsten.