SLUG Mailing List Archives
[SLUG] Got SASL with OpenLDAP Working - Was: Hiding binddn
- To: slug@xxxxxxxxxxx
- Subject: [SLUG] Got SASL with OpenLDAP Working - Was: Hiding binddn
- From: "Philip Greggs" <png320@xxxxxxxxx>
- Date: Sun, 23 Apr 2006 09:06:12 +1000
- Cc: bmp535@xxxxxxxxx
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:mime-version:content-type:content-transfer-encoding:content-disposition; b=jp1AIwmvzx6TEmkNO2zp8QyK1lb/LG26SAnc3GwxDEJFMXieLUlJ7NbtXy7lSfD+yUcjAkr0utPDWwpFot+pV3CgMf8Ni60wSKJUtFZTupODX2U7eEcrEmOxgS64Gq2is3tlVRgHwycSHz1SZ0LCrfFVxz2TZU2rzUNFoKN/1Lk=
I got SASL w/OpenLDAP working too.
I googled "OpenLDAP Tutorial" and pick this one:
This tutorial is using Fedora Core 4 and so
>> >The obvious, but complex, answer is to use SASL &
>> >Kerberos. Then you just get the tgt once and from
>> >then on you're bound to the server.
>OK, got this. Had done Kerberos before.
>> >That's a whole minefield of things that need
>> >setting up so I suggest you google about for it a
>> >bit, there is plenty of documentation.
>I did and found a few that's meaningful and stuck to it.
>I just search for 'OpenLDAP tutorial'.
>Got my setup to work, like this: got tgt once as you said
>and use OpenLDAP commands over-and-over, as I want it.
>$ kinit beav
>$ ldapsearch -Y gssapi
In addition, I also got other SASL auths with OpenSSL to work.