[Freeipa-users] NTLM SASL?
Brian Candler
b.candler at pobox.com
Thu Dec 22 14:03:45 UTC 2016
On 22/12/2016 11:42, Brian Candler wrote:
> Now, under cn=config, I see:
>
> nsslapd-allowed-sasl-mechanisms:
>
> (i.e. empty).
>
> I tried changing this to "NTLM" and it accepted the change.
Aside: I'm also stuck changing it back to what it was :-(
None of these works:
dn: cn=config
changetype: modify
replace: nsslapd-allowed-sasl-mechanisms
nsslapd-allowed-sasl-mechanisms:
-
# Server is unwilling to perform (53)
dn: cn=config
changetype: modify
delete: nsslapd-allowed-sasl-mechanisms
-
# Server is unwilling to perform (53)
# additional info: Deleting attributes is not allowed
dn: cn=config
changetype: modify
replace: nsslapd-allowed-sasl-mechanisms
-
# accepted, but doesn't change the value of the attribute
So for now, I've set "nsslapd-allowed-sasl-mechanisms: GSSAPI EXTERNAL".
But that means this server is in a different config state to its replica
peers, which I wonder might bite me one day.
Thanks,
Brian.
More information about the Freeipa-users
mailing list