--On Sunday, December 19, 2010 09:17:09 AM +0100 Stefan Seelmann
<[email protected]> wrote:
But, it seems that the searches are not using GSSAPI to secure the
traffice to the server because when I look at the ldap logs I see that
the ssf is zero. In our case this means that no data can be returned.
(And, yes, I am a bit fuzzy on the exact details since ldapsearch just
does the right thing for me without my having to think about it.) Any
ideas on how to deal with this?
In the connection's 'Authentication' tab there is a section 'SASL
Settings' where you can define the QoP. By default it is set to
'Authentication only', you should set it to 'Authentication with
integrity and privacy protection' to enable message privacy. The other
parameter 'Protection Strength' should be set to high (I think this
sets ssf to 128).
Kind Regards,
Stefan
Perfect again. Works like a charm now. This was also one of those
"of course, you idiot" moments for me.
Thanks,
Bill
--
Bill MacAllister
Infrastructure Delivery Group, Stanford University
