perl-ldap-dev

LDAP_CONFIDENTIALITY_REQUIRED

[Pooja <juh...@wo...>]

I am new to NDS. I always get the following error 
"LDAP_CONFIDENTIALITY_REQUIRED" when I do the bind using dn
and password. 

my $mesg = $ldap->bind (dn       => $dn, password =>
$password);
print "  " . $mesg->code . "   ";
print ldap_error_name($mesg->code) ;

Can some one tell what am i doing wrong? 
The same code works for Netscape directory server.

thanks



 

Re: LDAP_CONFIDENTIALITY_REQUIRED

[Jim H. <ha...@us...>]

Try my $mesg = $ldap->bind ($dn => $dn, password =>$password,version =>
3);

Also, make sure you have the right password.

On Mon, 9 Apr 2001, Pooja wrote:

> I am new to NDS. I always get the following error
> "LDAP_CONFIDENTIALITY_REQUIRED" when I do the bind using dn
> and password.
>
> my $mesg = $ldap->bind (dn       => $dn, password =>
> $password);
> print "  " . $mesg->code . "   ";
> print ldap_error_name($mesg->code) ;
>
> Can some one tell what am i doing wrong?
> The same code works for Netscape directory server.
>
> thanks
>
>
>
>
>
>

Re: LDAP_CONFIDENTIALITY_REQUIRED

[Chris R. <chr...@me...>]

Jim Harle <ha...@us...> wrote:
> Try my $mesg = $ldap->bind ($dn => $dn, password =>$password,version =>
> 3);
> 
> Also, make sure you have the right password.
> 
> On Mon, 9 Apr 2001, Pooja wrote:
> 
>> I am new to NDS. I always get the following error
>> "LDAP_CONFIDENTIALITY_REQUIRED" when I do the bind using dn
>> and password.

That error *suggests* that the server is not willing to accept simple binds
using a password sent to it in the clear, which is what you are trying to
do.

Instead, your server may require that you have a 'confidential' connection,
perhaps one over SSL, eg LDAPS (supported in Net::LDAPS), or TLS (not yet
supported by Net::LDAP.)

Alternatively, you might be able to use SASL to negotiate such a
connection. I'm not sure the SASL mechanisms available in perl (read
perldoc Authen::SASL) can negotiate these, but Graham will know for sure.

Requiring a confidential connection would appear to be a feature of the way
your server's been set up; perhaps you could clarify this with the manager
of the server?

Cheers,

Chris

Re: LDAP_CONFIDENTIALITY_REQUIRED

[Graham B. <gb...@po...>]

On Tue, Apr 10, 2001 at 08:09:08AM +0100, Chris Ridd wrote:
> Alternatively, you might be able to use SASL to negotiate such a
> connection. I'm not sure the SASL mechanisms available in perl (read
> perldoc Authen::SASL) can negotiate these, but Graham will know for sure.

IIRC CRAM-MD5 is the only implemented method so far. But the whole Authen::SASL
package needs some attention.

Graham.

Re: LDAP_CONFIDENTIALITY_REQUIRED

[Pooja <juh...@wo...>]

 
I looked at the novell documentation and now the server
accepts clear text passwords. The problem seems to be
solved.

thanks .

On Tue, 10 Apr 2001 08:09:08 +0100
 Chris Ridd <chr...@me...> wrote:
> *This message was transferred with a trial version of
> CommuniGate(tm) Pro*
> Jim Harle <ha...@us...> wrote:
> > Try my $mesg = $ldap->bind ($dn => $dn, password
> =>$password,version =>
> > 3);
> > 
> > Also, make sure you have the right password.
> > 
> > On Mon, 9 Apr 2001, Pooja wrote:
> > 
> >> I am new to NDS. I always get the following error
> >> "LDAP_CONFIDENTIALITY_REQUIRED" when I do the bind
> using dn
> >> and password.
> 
> That error *suggests* that the server is not willing to
> accept simple binds
> using a password sent to it in the clear, which is what
> you are trying to
> do.
> 
> Instead, your server may require that you have a
> 'confidential' connection,
> perhaps one over SSL, eg LDAPS (supported in Net::LDAPS),
> or TLS (not yet
> supported by Net::LDAP.)
> 
> Alternatively, you might be able to use SASL to negotiate
> such a
> connection. I'm not sure the SASL mechanisms available in
> perl (read
> perldoc Authen::SASL) can negotiate these, but Graham
> will know for sure.
> 
> Requiring a confidential connection would appear to be a
> feature of the way
> your server's been set up; perhaps you could clarify this
> with the manager
> of the server?
> 
> Cheers,
> 
> Chris