Does the Samba 4 LDAP server support GSS-SPNEGO over SASL

Henrik Nordstrom henrik at henriknordstrom.net
Mon Dec 11 16:05:20 GMT 2006


mån 2006-12-11 klockan 11:14 +0100 skrev paul:

> and how do you tell the client? At least cyrus-sasl needs plaintext on
> the server side AFAIK.

The evolution of Cyrus SASL v2 server side is a bit odd and is no longer
actively supporting pre-hashed password key material only plain-text,
but the support is still there just hidden a bit.. For Digest-MD5 the
H(A1) is retrieved from the "*cmusaslsecretDIGEST-MD5" user property if
the plain-text "userPassword" property is not available.

Regards
Henrik
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 307 bytes
Desc: Detta =?ISO-8859-1?Q?=E4r?= en digitalt signerad
	meddelandedel
Url : http://lists.samba.org/archive/samba-technical/attachments/20061211/1f2129bf/attachment.bin


More information about the samba-technical mailing list