Hi Quanah, Thanks for your response, another question about the SASL. I know for the ldap server, some settings must be done, what about for the client side? If I only installed the open ldap library and client tools, and if I want to use SASL GSSAPI, will this be enough ? do I need to install other modules like Kerberos V?
Thank you in advance!
Peter
On Tue, Jan 7, 2020 at 2:15 PM Quanah Gibson-Mount quanah@symas.com wrote:
--On Tuesday, January 7, 2020 7:49 AM -0500 Peter Sui peters@qnext.com wrote:
so question here, what password it asked here? since it's not asking for a DN. There could be many credentials here, will the server figure out the user by the password input?
Hi Peter,
The OpenLDAP admin guide specifically discusses in detail how to set up and configure SASL/DIGEST-MD5. Please see https://www.openldap.org/doc/admin24/sasl.html#DIGEST-MD5
Regards, Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
--On Tuesday, January 7, 2020 4:48 PM -0500 Peter Sui peters@qnext.com wrote:
Hi Quanah, Thanks for your response, another question about the SASL. I know for the ldap server, some settings must be done, what about for the client side? If I only installed the open ldap library and client tools, and if I want to use SASL GSSAPI, will this be enough ? do I need to install other modules like Kerberos V?
Hi Peter,
The majority of SASL mechanism are handled by cyrus-sasl, so the related cyrus-sasl modules must be installed for a given mechanism. Additionally, any system that wants to use SASL/GSSAPI must be able to obtain a kerberos ticket for the related user prior to the use of the ldap* tools.
Regards, Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
openldap-technical@openldap.org
-
Peter Sui -
Quanah Gibson-Mount