[Freeipa-users] Transfer user database to FreeIPA LDAP
Dmitri Pal
dpal at redhat.com
Mon Jun 25 19:39:34 UTC 2012
On 06/25/2012 02:36 PM, Simo Sorce wrote:
> On Mon, 2012-06-25 at 13:51 -0400, Dmitri Pal wrote:
>> Simo are you sure simple bind is enough? I thought that it should be a
>> bind over SSL with some specific ext op. Do I recall it wrong?
> A bind over SSL is still called a "simple bind" and simply mean a bind
> that users a plain text password, the other option is a "SASL bind".
>
> We use SASL binds when using Krb credentials for example to do a
> SASL/GSSAPI/Krb5 bind.
>
> We could also use a SASL/PLAIN bind, but I think there is a bug in 389DS
> with SASL/PLAIN, there should be a ticket somewhere. But it is not
> important, SASL/PLAIN is almost never used.
>
> Simo.
>
I know that it is called a simple bind. But it is not just a simple
bind. It needs to be a bind over SSL and I recall some ext op being
required too but I am not sure and this is what I was asking about.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IPA project,
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-users
mailing list