A question about LDAP standards:

When attempting a SASL bind (CRAM-MD5) against an OpenLDAP server, if
the server lacks the shared secret necessary to do CRAM-MD5
authentication, it returns resultCode 80 (other), error message
"SASL(-13): user not found: no secret in database".

When attempting the same bind against a Fedora Directory Server, if
the server lacks the shared secret necessary to do CRAM-MD5
authentication, it returns resultCode 49
(invalidCredentials), error message "SASL(-13): authentication
failure: incorrect digest response".

OS X's LDAP client treats the two result codes differently; if it gets
resultCode other, it falls back to simple authentication (which
works), whereas if it gets resultCode invalidCredentials, it simply
fails.

Are there any standards covering what should be done in this case
(i.e., if OpenLDAP or FDS is more correct)?

Thanks.

Josh Kelley
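
Added example, not part of the original post: a minimal BER decoder for the LDAP BindResponse (RFC 4511) that extracts the resultCode and diagnosticMessage a client acts on. The two sample messages are constructed from the values quoted in the post; messageID 1 and an empty matchedDN are assumptions.

```python
# BER decoding of an LDAP BindResponse (RFC 4511), enough to read resultCode
# and diagnosticMessage. The sample messages at the bottom are constructed.
RESULT_NAMES = {0: "success", 14: "saslBindInProgress",
                49: "invalidCredentials", 80: "other"}

def tlv(tag, value):
    """Encode one BER TLV (definite length, short or long form)."""
    n = len(value)
    if n < 0x80:
        length = bytes([n])
    else:
        raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + length + value

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the TLV starting at buf[pos]."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:                      # long form: length is in the next bytes
        k = first & 0x7F
        length = int.from_bytes(buf[pos:pos + k], "big")
        pos += k
    else:
        length = first
    if pos + length > len(buf):
        raise ValueError("truncated TLV")
    return tag, buf[pos:pos + length], pos + length

def build_bind_response(msg_id, code, diag):
    """Constructed sample: LDAPMessage { messageID, [APPLICATION 1] BindResponse }."""
    body = tlv(0x0A, bytes([code])) + tlv(0x04, b"") + tlv(0x04, diag.encode())
    return tlv(0x30, tlv(0x02, bytes([msg_id])) + tlv(0x61, body))

def parse_bind_response(data):
    """Return (messageID, resultCode, resultName, diagnosticMessage)."""
    tag, msg, _ = read_tlv(data, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage SEQUENCE")
    _, mid, pos = read_tlv(msg, 0)
    tag, op, _ = read_tlv(msg, pos)
    if tag != 0x61:
        raise ValueError("protocolOp is not a BindResponse")
    _, code, pos = read_tlv(op, 0)        # resultCode, ENUMERATED
    _, _dn, pos = read_tlv(op, pos)       # matchedDN, unused here
    _, diag, _ = read_tlv(op, pos)        # diagnosticMessage
    code = int.from_bytes(code, "big")
    return int.from_bytes(mid, "big"), code, RESULT_NAMES.get(code, "unknown"), diag.decode()

OPENLDAP = build_bind_response(1, 80, "SASL(-13): user not found: no secret in database")
FDS = build_bind_response(1, 49, "SASL(-13): authentication failure: incorrect digest response")
```

Both diagnostic strings carry the same SASL(-13) prefix, so only the resultCode field distinguishes the two replies.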
