On Thursday 26 October 2006 03:49, Hai Zaar wrote: > Dear list! > > Is there any way to specify sasl-secprops separately for each transport > type? For ldapi:/// is want "sasl-secprops noanonymous,noplain", > and "sasl-secprops noanonymous,noplain,noactive" for the rest. > > The idea is to require SASL GSSAPI for everyone with only exception > for clients connecting via ldapi (like heimdal KDC) - they need SASL > EXTERNAL.
Why don't you just remove the SASL mechanisms you don't want? The SASL/EXTERNAL will always be there but the others are just shared libraries which live in /usr/lib/sasl2 or something similar (at least on my system). The slapd won't offer any mechanism which isn't installed. Karsten.
