directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pierre Smits <pierre.sm...@gmail.com>
Subject Re: SASL DIGEST-MD5 Authentication
Date Wed, 06 Aug 2014 20:09:16 GMT
Ike,

Of course, you have to change example.com and EXAMPLE.COM for your realms.

Regards,

Pierre Smits

*ORRTIZ.COM <http://www.orrtiz.com>*
Services & Solutions for Cloud-
Based Manufacturing, Professional
Services and Retail & Trade
http://www.orrtiz.com


On Wed, Aug 6, 2014 at 10:01 PM, Ike Ikonne <iikonne@us.ibm.com> wrote:

> Hi
>
> After making the change that you suggested, I get the following from the
> server
>
> LDAP: error code 49 - INVALID_CREDENTIALS: DIGEST-MD5: digest response
> format violation. Nonexis
> tent realm: example.com
>
> Here is how my apache directory configuration looks like:
>
> dn:
> ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
> objectclass: ads-server
> objectclass: ads-ldapServer
> objectclass: ads-dsBasedServer
> objectclass: ads-base
> objectclass: top
> ads-serverId: ldapServer
> ads-confidentialityRequired: FALSE
> ads-maxSizeLimit: 1000
> ads-maxTimeLimit: 15000
> ads-maxpdusize: 2000000
> ads-saslHost: iikonne.xxx.com
> ads-saslPrincipal: ldap/ldap.example.com@EXAMPLE.COM
> ads-saslRealms: example.com
> ads-saslRealms: apache.org
> ads-searchBaseDN: ou=users,ou=system
> ads-replEnabled: true
> ads-replPingerSleep: 5
> ads-enabled: TRUE
>
>
>
>
>
> From:   Emmanuel Lécharny <elecharny@gmail.com>
> To:     users@directory.apache.org,
> Date:   08/06/2014 02:47 PM
> Subject:        Re: SASL DIGEST-MD5 Authentication
>
>
>
> Le 06/08/14 21:16, Ike Ikonne a écrit :
> > Hi all,
> >
> > I would appreciate it if someone could direct me on how to setup
> > APACHE DS to support SASL DIGEST-MD5.  How can I setup
> > the realm for the example.com default domain?
>
> You have to set the saslHost parameter in the ldapServer entry :
>
> dn:
> ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config
> objectclass: ads-server
> objectclass: ads-ldapServer
> objectclass: ads-dsBasedServer
> objectclass: ads-base
> objectclass: top
> ads-serverId: ldapServer
> ads-confidentialityRequired: FALSE
> ads-maxSizeLimit: 1000
> ads-maxTimeLimit: 15000
> ads-maxpdusize: 2000000
> ads-saslHost: ldap.example.com                           <<<----
> ads-saslPrincipal: ldap/ldap.example.com@EXAMPLE.COM
> ads-saslRealms: example.com
> ads-saslRealms: apache.org
> ads-searchBaseDN: ou=users,ou=system
> ads-replEnabled: true
> ads-replPingerSleep: 5
> ads-enabled: TRUE
>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message