https://bugs.openldap.org/show_bug.cgi?id=9657
--- Comment #1 from Michael Ströder <[email protected]> --- On 8/30/21 18:35, [email protected] wrote: > This is inconsistent. SASL bind shall also request only AUTH access to the > userPassword, just as SIMPLE BIND does. Isn't that somewhat expected? SASL has to find the user's entry and this requires at least auth access to the entry pseudo attribute. Furthermore there are various password-less SASL mechs for which you might also want to have some authc access control, e.g. for temporarily deactivating authc. -- You are receiving this mail because: You are on the CC list for the issue.
