[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openldap-software
Subject:    Re: ldapi security level?
From:       Howard Chu <hyc () symas ! com>
Date:       2004-07-05 11:06:21
Message-ID: 40E9362D.6000302 () symas ! com
[Download RAW message or body]

Hallvard B Furuseth wrote:

>>You have to use SASL/EXTERNAL.

> Eh?  Simple Bind is secure enough if the LDAP connection (if ldapi
> can be called a connection) is secure.

Ah yes, I suppose so. And yes, ldapi uses a "connection" by any sense of 
the word. The fact that the connection is over a Unix Domain socket 
doesn't make that any less true.

> How do I use SASL/EXTERNAL with ldapi?

"ldapsearch -H ldapi:// -Y EXTERNAL" generally works for me. Don't 
bother trying this on Windows; only Unix Domain sockets are supported.
-- 
   -- Howard Chu
   Chief Architect, Symas Corp.       Director, Highland Sun
   http://www.symas.com               http://highlandsun.com/hyc
   Symas: Premier OpenSource Development and Support
[prev in list] [next in list] [prev in thread] [next in thread]