--On Saturday, July 9, 2022 8:01 PM +0200 Stéphane Veyret
<[email protected]> wrote:
Hi,
In my home network, I have a MIT Kerberos installation backed by
OpenLDAP. Because some of my apps do not work using GSSAPI, I would
like to be able to log into them directly using LDAP.
The way that SASL passthrough works is that you put the value {SASL} for
the userPassword. This tells slapd to pass the user authentication to SASL
to handle. You don't set an actual password value in the userPassword
attribute.
So it should be:
userPassword: {SASL}
set via an ldapmodify operation (not an ldap v3 password modify operation).
Regards,
Quanah
