SASL binding with SSL encryption

Xu, Qiang (FXSGSC) Qiang.Xu at fujixerox.com
Tue Oct 27 01:56:28 EDT 2009


Hi, all: 

I am using Mozilla LDAP library to do SASL binding with SSL encryption against Active Directory. To make it work, it is necessary to set the security option "maxssf=0". 

Still, in testing against AD in Windows 2003 Server (or Windows 2000 Server), the binding result is good and bad alternatively, exhibiting a pingpong style. In contrast, if I do the same test against AD in Windows 2008 Server, the binding is always good. 

Is a known issue of AD in Windows 2003/2000 Server, and if there is any patch available? Just want to see if anyone in this list has had the same experience as mine.

Thanks,
Xu Qiang



More information about the Kerberos mailing list