On 21/04/11 02:05 -0700, Howard Chu wrote:
Your slaptest is OK because there was no broken dependency. ProxyAuth
doesn't require SASL. Whoever told you so was wrong. (They overlooked
the ProxyAuthz control, which is independent of SASL.)
That was my mistake.
~$ ldapsearch -LLL -x -H ldap://ldap.example.org -s "base" -b ""
supportedControl
dn:
supportedControl: 2.16.840.1.113730.3.4.18
supportedControl: 2.16.840.1.113730.3.4.2
supportedControl: 1.3.6.1.4.1.4203.1.10.1
supportedControl: 1.2.840.113556.1.4.319
supportedControl: 1.2.826.0.1.3344810.2.3
supportedControl: 1.3.6.1.1.13.2
supportedControl: 1.3.6.1.1.13.1
supportedControl: 1.3.6.1.1.12
~$ ldapwhoami -x -D '[email protected],ou=people,dc=example,dc=org' \
-H ldap://ldap.example.org \
-e '!authzid=dn:[email protected],ou=people,dc=example,dc=org' -W
Enter LDAP Password:
dn:[email protected],ou=people,dc=example,dc=org
--
Dan White
