Re: [EXT] RE: ldap proxy

27 Feb 2025


      --On Wednesday, February 26, 2025 4:38 PM -0800 Quanah Gibson-Mount 
quanah@fast-mail.org wrote:
...
--On Wednesday, February 26, 2025 4:30 PM -0800 Quanah Gibson-Mount
quanah@fast-mail.org wrote:
...
You told it to use simple binds, not SASL.
Here's an example ldapsearch using a SASL/EXTERNAL bind setting all
parameters via the command line.
ldapsearch -Y EXTERNAL -o tls_cacert=/etc/ssl/certs/myca.pem -o
tls_cert=/home/joe/mycert.pem -o tls_key=/home/joe/mycert.key -H
ldaps://host.domain.com
OR if using starttls:
ldapsearch -ZZ -Y EXTERNAL -o tls_cacert=/etc/ssl/certs/myca.pem -o
tls_cert=/home/joe/mycert.pem -o tls_key=/home/joe/mycert.key -H
ldap://host.domain.com
Also:
method=128 is a simple bind
method=163 is a SASL/EXTERNAL bind
--Quanah

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Re: [EXT] RE: ldap proxy