Hai Zaar wrote:
Why don't you just remove the SASL mechanisms you don't want? The
SASL/EXTERNAL will always be there
Does not look like that - if I set "sasl-secprops
noanonymous,noplain,noactive" then heimdal-kdc, which uses
SASL/EXTERNAL over slapi fails to connect (removing 'noactive' solves
that).
You're missing the point. Leave the sasl-secprops at their default
setting and just remove the modules for the SASL mechanisms that you
don't want to allow.
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/
