>>Any suggestions how to make digest-uri match service? >You could try configuring sasl-host/olcSaslHost and sasl-realm/olcSaslRealm >to influence how libsasl2 initializes the DIGEST-MD5 plugin.
>Another option is to use a different mechanism (DIGEST-MD5 has been >obsoleted by the IETF in RFC 6331). If you do not have a way to specify the >mechanism within your Oracle client, you can restrict which mechanisms are >offered by the server, by configuring a libsasl2 slapd.conf (e.g. >/usr/lib/sasl2/slapd.conf) with: >mech_list: <space separated mechanism list> >Use pluginviewer (or saslpluginviewer) to list the available mechanisms on >the server. > >-- >Dan White Looks like Oracle client and Oracle OID only use DIGEST-MD5 without additional configuration: Current OpenLDAP configuration: /usr/local/bin/ldapsearch -xH ldap:// -b "" -s base -LLL supportedSASLMechanisms dn: supportedSASLMechanisms: DIGEST-MD5 supportedSASLMechanisms: GSSAPI supportedSASLMechanisms: OTP supportedSASLMechanisms: CRAM-MD5 Oracle-OID installation: /usr/local/bin/ldapsearch -xH ldap://:3060 -b "" -s base -LLL supportedSASLMechanisms dn: supportedsaslmechanisms: DIGEST-MD5 Will dig deeper to check if other mechanisms can be used or if there is an option to ignore the digest-uri. Juergen
