LDAP_AUTH_METHOD_NOT_SUPPORTED with ldap_sasl_bind - openldap-technical - openldap.org

List overview All Threads
Download

LDAP_AUTH_METHOD_NOT_SUPPORTED with ldap_sasl_bind

Can't get password passthrough to...

detecting password expiration...

Thilko Richter

16 Mar 2010 16 Mar '10

7:08 a.m.

Hi,

obviously I don´t have an appropriate 'supportedSASLMechanisms:' entry. But after adding

supportedSASLMechanisms: PLAIN

to some ldap entries, the ldap_sasl_bin still does not work. Where I have to add these informations, and are they correct for a simple bind?

Thx,

Thilko

Reply

Show replies by date

Dieter Kluenter

16 Mar 16 Mar

8:18 a.m.

Thilko Richter thilko.richter@googlemail.com writes:

Hi,

obviously I don´t have an appropriate 'supportedSASLMechanisms:' entry. But after adding

supportedSASLMechanisms: PLAIN

to some ldap entries, the ldap_sasl_bin still does not work. Where I have to add these informations, and are they correct for a simple bind?

PLAIN is only enabled with a secured session, that is, TLS or ldapi.

-Dieter

-- Dieter Klünter | Systemberatung http://dkluenter.de GPG Key ID:8EF7B6C6 53°37'09,95"N 10°08'02,42"E

Reply

Thilko Richter

9:42 a.m.

So is there any way to do an simple bind over sasl without ssl/tls, just with the plaintext cred?

Thilko

Am 16.03.2010 um 08:18 schrieb Dieter Kluenter:

Thilko Richter thilko.richter@googlemail.com writes:

...
Hi,

obviously I don´t have an appropriate 'supportedSASLMechanisms:' entry. But after adding

supportedSASLMechanisms: PLAIN

to some ldap entries, the ldap_sasl_bin still does not work. Where I have to add these informations, and are they correct for a simple bind?

PLAIN is only enabled with a secured session, that is, TLS or ldapi.

-Dieter

-- Dieter Klünter | Systemberatung http://dkluenter.de GPG Key ID:8EF7B6C6 53°37'09,95"N 10°08'02,42"E

Reply

Dieter Kluenter

10:35 a.m.

Thilko Richter thilko.richter@googlemail.com writes:

So is there any way to do an simple bind over sasl without ssl/tls, just with the plaintext cred?

Just use a challenge/response SASL Mechanism like DIGEST-MD5

-Dieter

Am 16.03.2010 um 08:18 schrieb Dieter Kluenter:

...
Thilko Richter thilko.richter@googlemail.com writes:

...
Hi,

obviously I don´t have an appropriate 'supportedSASLMechanisms:' entry. But after adding

supportedSASLMechanisms: PLAIN

to some ldap entries, the ldap_sasl_bin still does not work. Where I have to add these informations, and are they correct for a simple bind?

PLAIN is only enabled with a secured session, that is, TLS or ldapi.

-Dieter

-- Dieter Klünter | Systemberatung http://dkluenter.de GPG Key ID:8EF7B6C6 53°37'09,95"N 10°08'02,42"E

-- Dieter Klünter | Systemberatung http://dkluenter.de GPG Key ID:8EF7B6C6 53°37'09,95"N 10°08'02,42"E

Reply

5588

Age (days ago)

5588

Last active (days ago)

openldap-technical@openldap.org

3 comments

2 participants

tags (0)

participants (2)

Dieter Kluenter
Thilko Richter