--On Friday, September 29, 2017 1:07 PM -0400 Robert Heller
At Fri, 29 Sep 2017 10:47:48 -0400 brendan kearney
> SASL is a "glue" between LDAP and Kerberos, that translates an identity
> established through Kerberos AuthN to an LDAP Distinguished Name (among
> other possible uses). When communications between Kerberos and LDAP
> happen, SASL also provides encryption.
> I have setup Kerberos, SASL, OpenLDAP and SSSD all on Fedora and it all
> works. I dont have to muck with SSL/TLS and the different
> implementations with their specific nuances.
Don't you still need a SSL Certificate? That is, SSL/TLS is still there
Packaged, certified, and supported LDAP solutions powered by OpenLDAP: