> But, it seems that the searches are not using GSSAPI to secure the > traffice to the server because when I look at the ldap logs I see that > the ssf is zero. In our case this means that no data can be returned. > (And, yes, I am a bit fuzzy on the exact details since ldapsearch just > does the right thing for me without my having to think about it.) Any > ideas on how to deal with this?
In the connection's 'Authentication' tab there is a section 'SASL Settings' where you can define the QoP. By default it is set to 'Authentication only', you should set it to 'Authentication with integrity and privacy protection' to enable message privacy. The other parameter 'Protection Strength' should be set to high (I think this sets ssf to 128). Kind Regards, Stefan
