Hi,
We are using SASL/DIGEST-MD5 for authentication to ldap database and don't want to be prompted for the password and need the password to be taken from a file. Can we specify it in /etc/ldap.conf globally or in .ldaprc individually?
I expect it to work like SASL/GSSAPI when we run an ldapsearch after retrieving the ticket for the user. Is it possible?
Regards, Sadique
Sadique Puthen wrote:
Hi,
We are using SASL/DIGEST-MD5 for authentication to ldap database and don't want to be prompted for the password and need the password to be taken from a file. Can we specify it in /etc/ldap.conf globally or in .ldaprc individually?
See the ldap.conf(5) manpage for the definition of what is supported. OpenLDAP does not read passwords from ldap.conf or .ldaprc. Setting a password in a globally readable file is stupid, you may as well turn off security controls and just use anonymous then.
I expect it to work like SASL/GSSAPI when we run an ldapsearch after retrieving the ticket for the user. Is it possible?
See the ldapsearch(1) manpage. Your best bet is to use the '-y' option.
openldap-software@openldap.org