On 21/04/11 02:05 -0700, Howard Chu wrote:
Your slaptest is OK because there was no broken dependency. ProxyAuth doesn't require SASL. Whoever told you so was wrong. (They overlooked the ProxyAuthz control, which is independent of SASL.)
That was my mistake.
~$ ldapsearch -LLL -x -H ldap://ldap.example.org -s "base" -b "" supportedControl dn: supportedControl: 2.16.840.1.113730.3.4.18 supportedControl: 2.16.840.1.113730.3.4.2 supportedControl: 1.3.6.1.4.1.4203.1.10.1 supportedControl: 1.2.840.113556.1.4.319 supportedControl: 1.2.826.0.1.3344810.2.3 supportedControl: 1.3.6.1.1.13.2 supportedControl: 1.3.6.1.1.13.1 supportedControl: 1.3.6.1.1.12
~$ ldapwhoami -x -D 'uid=cyrus@example.org,ou=people,dc=example,dc=org' \ -H ldap://ldap.example.org \ -e '!authzid=dn:uid=test1234@example.org,ou=people,dc=example,dc=org' -W Enter LDAP Password: dn:uid=test1234@example.org,ou=people,dc=example,dc=org