9 Jul
2022
9 Jul
'22
2:47 p.m.
--On Saturday, July 9, 2022 8:01 PM +0200 Stéphane Veyret sveyret@gmail.com wrote:
Hi,
In my home network, I have a MIT Kerberos installation backed by OpenLDAP. Because some of my apps do not work using GSSAPI, I would like to be able to log into them directly using LDAP.
The way that SASL passthrough works is that you put the value {SASL} for the userPassword. This tells slapd to pass the user authentication to SASL to handle. You don't set an actual password value in the userPassword attribute.
So it should be:
userPassword: {SASL}
set via an ldapmodify operation (not an ldap v3 password modify operation).
Regards, Quanah