Re: SASL DIGEST-MD5 Authentication

Wed, 06 Aug 2014 13:10:37 -0700 

Ike,

Of course, you have to change example.com and EXAMPLE.COM for your realms.

Regards,

Pierre Smits

*ORRTIZ.COM <http://www.orrtiz.com>*
Services & Solutions for Cloud-
Based Manufacturing, Professional
Services and Retail & Trade
http://www.orrtiz.com


On Wed, Aug 6, 2014 at 10:01 PM, Ike Ikonne <[email protected]> wrote:

> Hi
>
> After making the change that you suggested, I get the following from the
> server
>
> LDAP: error code 49 - INVALID_CREDENTIALS: DIGEST-MD5: digest response
> format violation. Nonexis
> tent realm: example.com
>
> Here is how my apache directory configuration looks like:
>
> dn:
> ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
> objectclass: ads-server
> objectclass: ads-ldapServer
> objectclass: ads-dsBasedServer
> objectclass: ads-base
> objectclass: top
> ads-serverId: ldapServer
> ads-confidentialityRequired: FALSE
> ads-maxSizeLimit: 1000
> ads-maxTimeLimit: 15000
> ads-maxpdusize: 2000000
> ads-saslHost: iikonne.xxx.com
> ads-saslPrincipal: ldap/[email protected]
> ads-saslRealms: example.com
> ads-saslRealms: apache.org
> ads-searchBaseDN: ou=users,ou=system
> ads-replEnabled: true
> ads-replPingerSleep: 5
> ads-enabled: TRUE
>
>
>
>
>
> From:   Emmanuel Lécharny <[email protected]>
> To:     [email protected],
> Date:   08/06/2014 02:47 PM
> Subject:        Re: SASL DIGEST-MD5 Authentication
>
>
>
> Le 06/08/14 21:16, Ike Ikonne a écrit :
> > Hi all,
> >
> > I would appreciate it if someone could direct me on how to setup
> > APACHE DS to support SASL DIGEST-MD5.  How can I setup
> > the realm for the example.com default domain?
>
> You have to set the saslHost parameter in the ldapServer entry :
>
> dn:
> ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
> objectclass: ads-server
> objectclass: ads-ldapServer
> objectclass: ads-dsBasedServer
> objectclass: ads-base
> objectclass: top
> ads-serverId: ldapServer
> ads-confidentialityRequired: FALSE
> ads-maxSizeLimit: 1000
> ads-maxTimeLimit: 15000
> ads-maxpdusize: 2000000
> ads-saslHost: ldap.example.com                           <<<----
> ads-saslPrincipal: ldap/[email protected]
> ads-saslRealms: example.com
> ads-saslRealms: apache.org
> ads-searchBaseDN: ou=users,ou=system
> ads-replEnabled: true
> ads-replPingerSleep: 5
> ads-enabled: TRUE
>
>
>

Reply via email to