Reuse the LDAP connection when Using SASL DIGEST-MD5

Similar Messages

• HOWTO Bind using SASL DIGEST-MD5?

  I haven't been able to bind to an LDAP server using SASL DIGEST-MD5
  using the Novell CSharp library. Can anyone explain how this is done,
  or point me to a code example?
  I can connect, bind, and search this LDAP server using Apache Directory
  Studio, so I know that my credentials are correct.
  Also, I have already used the Novell CSharp library for searching other
  LDAP servers using simple authentication, and SSL, but never SASL
  DIGEST-MD5.
  Thanks in advance for any help.
  danielnapierski
  danielnapierski's Profile: http://forums.novell.com/member.php?userid=63370
  View this thread: http://forums.novell.com/showthread.php?t=414964

  More than fifty people have read this post, but there are no replies as
  of yet. I'm going to interpret that as "SASL DIGEST-MD5 is not
  supported by the Novell CSharp library."
  danielnapierski;1995522 Wrote:
  > I haven't been able to bind to an LDAP server using SASL DIGEST-MD5
  > using the Novell CSharp library. Can anyone explain how this is done,
  > or point me to a code example?
  >
  > I can connect, bind, and search this LDAP server using Apache Directory
  > Studio, so I know that my credentials are correct.
  >
  > Also, I have already used the Novell CSharp library for searching other
  > LDAP servers using simple authentication, and SSL, but never SASL
  > DIGEST-MD5.
  >
  > Thanks in advance for any help.
  danielnapierski
  danielnapierski's Profile: http://forums.novell.com/member.php?userid=63370
  View this thread: http://forums.novell.com/showthread.php?t=414964

• Switching from tls:simple to tls:sasl/DIGEST-MD5

  How can I do this, and can someone post an example of how? Can DS 5.2 support more than one Authentication Method at a time?
  TIA,
  Chris

  I'm not sure. That's why I asked. :) And I only ask because one of the settings made via
  idsconfig is which "Authentication Methods" the DS will support. The choices being:
  * none
  * simple
  * sasl/DIGEST-MD5
  * tls:simple
  * tls:sasl/DIGEST-MD5
  When I set this DS up, I chose only tls:simple. A SunSolve document I read indicated that you
  could have chosen more than one at that time, but I didn't. What I need to know is how to add support
  for additional Authenticaion Methods after the fact. I assume there is a directory object somewhere and
  its a matter of modifying or adding an attribute, but I wanted to make sure there were no gotchas
  or caveats I should be aware of beforehand.

• LabView 6.1 crashes now and then when I try to get rid of an accidential starting connection when using the wiring tool.

  Sometimes when using my labtop it happens that I get unwanted connections when using the wiring tool because my labtop notices mouse clicks that never happend. Usually you can get rid of those connections by pressing ESC. But unfortunately now and than LabView crashes completely when pressing ESC to get rid of the connection.
  How can I stop LabView from crashing in that case?
  Thanks for anybodies help!

  Yes, I see this problem on both my LabView-Computers but more often on the labtop because of the strange integrated mouse.
  Yes, I get an error message but I can't really translate it in english. It says something about memory access to a special address.
  I might try reinstalling LabView one day if I have the time. I don't want to try LabView 7.0. I'm afraid it would be great. Unfortunately my boss alreday told me, we don't have money for the new version.
  Thanks for your help!

• How do I physically connect the SCXI 1180 when using a 1520 and 1346 adapter?

  Here's my current configuration:
  SCXI 1000 chassis
  x2 SCXI 1520 Bridge Modules (Slot 1, and Slot 2)
  1180 Feedthrough panel.
  I recently purchased a 1346 adapter so I can use the feedthrough to access AI channels on the DAQ card.
  My question is, how do I physically connect the ribbon cable of the 1180? Does it plug into the BACK of the last module in the chassis (ie. bridge module2 in slot 2) or does it plug into the other 49pin connector on the 1346 adapter?
  If you read the installation manual for the 1180 http://www.ni.com/pdf/manuals/371062a.pdf (Page 2-3)
  And the installation manual for the 1346 http://www.ni.com/pdf/manuals/320722b.pdf (page 2)
  it seems the instruction contradict eachother. The 1180 manual says connect it to the back of the module
  the note under Fig.2 on page 2 of the 1346 says you cannot have anything plugged into the module next to the one that has the 1346 plugged into it; in my case that's module 2...
  SCXI- 1000 Chassis w/ 1346 adapter
  PCI 6281 DAQ card
  SCXI- 1520 Bridge Board w/ 1314 Terminal Block (x2)
  SCXI- 1180 Feedthrough Panel w/ 1302 Block
  Signal Express 2014.
  Win7 Enterprise

  I have the 1346 plugged into the first module in slot 1.
  But let me try and clairfy what you're saying...
  "Then the cable from the 1346 kind of loops back into the chassis and through the 1180". So this is my answer? But I'm actually taking  the cable from the 1180 and plugging it into the other 49-pin connector on the 1346. Sorry, symantics...
  "...it must be on the first card when using a 1520". By "it" are you referring to the 1346 (which is how it's currently configured) or the 1180 cable?
  and lastly; why does the 1180 need to go into slot 2? I can currently fill both slots (1&2) with the 1520's and with the 1346 plugged into module1/slot1, I can pass the ribbon cable around back of module2 and into the 1346.
  Is there some other reason beside potential space limitations that you'd use the feedthrough in slot2?
  Thanks for your info and patience!
  Message Edited by OKors on 03-31-2010 12:50 PM
  SCXI- 1000 Chassis w/ 1346 adapter
  PCI 6281 DAQ card
  SCXI- 1520 Bridge Board w/ 1314 Terminal Block (x2)
  SCXI- 1180 Feedthrough Panel w/ 1302 Block
  Signal Express 2014.
  Win7 Enterprise

• Using tls:sasl/DIGEST-MD5 with client authentication

  Hi
  Have installed a certificate on the server and enabled it. Using Netscape i got the cert7.db and key3.db
  These work with ldapsearch with -Z -p options to get data securely through port 636.
  But when i copy db file to /var/ldap on the Solaris 8 client, and use a profile with tls:sasl/DIGEST-MD5 or tls:simple
  i get :
  Mesg: Session error , no avalible connection. And openConnection: sasl/DIGEST-MD5 (or simple) bind failed - Invalid credentials.
  Must i use Certificate based Authentication instead?
  Like the proxyagent must have a certificate installed. Or is there something that must be done to the cert7.db and key3.db files i got from Netscape?

  Im trying to get sasl/DIGEST-MD5 to work with Solaris 9 client. This command work:
  ldapsearch -D "" -w test1234 -o mech=DIGEST-MD5 -o authid="dn:cn=proxyagent,ou=profile,dc=net2,dc=kongsberg,dc=com" -o authzid="dn:cn=proxyagent,ou=profile,dc=net2,dc=kongsberg,dc=com" -b "dc=net2,dc=kongsberg,dc=com" "(objectclass=*)"
  Client configured with this:
  ldapclient -v init -a profileName=default -a domainName=net2.kongsberg.com -a proxyDN="cn=proxyagent,ou=profile,dc=net2,dc=kongsberg,dc=com" -a proxyPassword=test1234 172.18.2.19
  Profile:
  NS_LDAP_FILE_VERSION= 2.0
  NS_LDAP_BINDDN= cn=proxyagent,ou=profile,dc=net2,dc=kongsberg,dc=com
  NS_LDAP_BINDPASSWD= {NS1}4a3788e8c053424f
  NS_LDAP_SERVERS= 172.18.2.19
  NS_LDAP_SEARCH_BASEDN= dc=net2,dc=kongsberg,dc=com
  NS_LDAP_AUTH= sasl/DIGEST-MD5
  NS_LDAP_SEARCH_REF= FALSE
  NS_LDAP_SEARCH_SCOPE= one
  NS_LDAP_SEARCH_TIME= 30
  NS_LDAP_PROFILE= default
  NS_LDAP_CREDENTIAL_LEVEL= proxy
  NS_LDAP_BIND_TIME= 10
  messages log on client:
  Jan 14 08:00:32 panzer ldap_cachemgr[904]: [ID 293258 daemon.error] libsldap: Status: 49 Mesg: openConnection: sasl/DIGEST-MD5 bind failed - Invalid credentials
  Jan 14 08:00:32 panzer last message repeated 1 time
  Jan 14 08:00:32 panzer ldap_cachemgr[904]: [ID 293258 daemon.error] libsldap: Status: 7 Mesg: Session error no available conn.
  error log on server:
  [14/Jan/2004:08:06:47 +0100] conn=1622 op=2 msgId=-1 - closing - U1
  [14/Jan/2004:08:06:47 +0100] conn=1623 op=-1 msgId=-1 - fd=47 slot=47 LDAP connection from 172.18.2.41 to 172.18.2.19
  [14/Jan/2004:08:06:47 +0100] conn=1622 op=-1 msgId=-1 - closed.
  [14/Jan/2004:08:06:47 +0100] conn=1623 op=0 msgId=1 - BIND dn="dn: cn=proxyagent,ou=profile,dc=net2,dc=kongsberg,dc=com" method=sasl version=3 mech=DIGEST-MD5
  [14/Jan/2004:08:06:47 +0100] conn=1623 op=0 msgId=1 - RESULT err=14 tag=97 nentries=0 etime=0, SASL bind in progress
  [14/Jan/2004:08:06:47 +0100] conn=1623 op=1 msgId=2 - BIND dn="dn: cn=proxyagent,ou=profile,dc=net2,dc=kongsberg,dc=com" method=sasl version=3 mech=DIGEST-MD5
  [14/Jan/2004:08:06:47 +0100] conn=1623 op=1 msgId=2 - RESULT err=49 tag=97 nentries=0 etime=0
  Not sure why i get Invalid credentials, the passwords
  are stored in CLEAR. And you can see i use the same in ldapsearch and ldapclient.

• Using just the TV screen when using HDMI port?

  Hi,
  I have the Macbook Pro with retina display and I was wondering how I could use just the TV screen when using HDMI port. I don't want mirroring displays, just one on the TV.

  With the TV connected and the MBP plugged into the mains (i.e. not running on battery power) close the lid.  The MBP will go to sleep, wake it up with an external keyboard or mouse - which must be connected in advance, or paired in advance if a bluetooth keyboard/mouse.

• OS 10.4.6. has broken dialup connectivity when using fast user switching

  I installed OS 10.4.6. It seems to have broken dialup connectivity when using fast user switching when switching from one user to the next.
  For dialup, it is extreamly annoying that I can not resume downloading a file from were it got cut off, but now, if another user wants to check their email, my download always gets broken and has to be restarted. Dialup is slow enough with out having to start from scratch even more frequently, now.
  Also, in earlier versions of 10.2 or 10.3 (I don't remember which), I was able to switch users and maintain listening to a single users' iTunes.
  I would like to be able to switch users and not lose either my dialup network connection or the primary users currently playing iTunes songs.
  Perhaps for iTunes, one should be able to chose to mute another users' instance of iTunes, if it is currently playing.
  Mini-Mac 1.42GHz 80GB BT/AE   Mac OS X (10.4.6)  

  I have not tried replicating this but might be able to provide some additional information.
  We use network login accounts on our desktop computers. Fast User switching deliberately will not work for multiple network login accounts. (Remember network login accounts normally also have an associated network home directory mounted via AFP.)
  Now a bit of background about volumes and mount points under Mac OS X. Under Mac OS X, any additional drive (or more accurately 'volume') is listed under the 'Volumes' folder, remember also that Mac OS X is a Unix operating system. So just as normal for Unix, the boot drive is '/' or the root level and Volumes is a folder in it. The underlying Mac OS X software automatically 'attaches' and additional volumes as sub-folders in the 'Volumes' folder (in Unix speak these are called 'Mount Points'), if you have an external hard-disc called 'Fred' then this would be represented by the following path
  /Volumes/Fred
  If you happen to have two volumes with the same name connected at the same time then while in the Finder they may show up with the same name, in Unix they would have different names automatically assigned to keep them separate like so
  /Volumes/Fred
  /Volumes/Fred 1
  Now getting back to the Fast User switching problem and AFP volumes, when you login to a File Server volume it also is automatically added to the Volumes folder, so if we have a File Server volume called 'Shared' it would look like
  /Volumes/Shared
  With Fast User switching potentially both user accounts could be accessing the same /Volumes/Shared which means both user accounts would be talking to the server via the same File Server login, hence the possibility for one of the Fast User accounts to be using the 'wrong' permissions.

• Question about the CSS behavior when using layer 3 sticky and sticky table

  Hi everyone,
  I have a question about the CSS behavior when using layer 3 sticky and sticky table is full.
  If I configure layer 3 sticky and specify the inactivity timeout as below, how does the CSS
  handle subsequent needed sticky requests ?
  advanced-balance sticky-srcip
  sticky-inact-timeout 30
  CSS document says that
  Note:
  If you use the sticky-inact-timeout command to specify the inactivity timeout
  period on a sticky connection, when the sticky table becomes full and none of
  the entries have expired from the sticky table, the CSS rejects subsequent
  needed sticky requests.
  My question is what is the next reaction by doing the CSS if the CSS is in the
  following condition:
  when the sticky table becomes full and none of the entries have expired from
  the sticky table, the CSS rejects subsequent needed sticky requests
  Does CSS just rejects/drops subsequent needed sticky requests ?
  or
  Does CSS does not stick subsequence requests to particular service but CSS forward
  subsequence requests with round-robin basis ? which means if the sticky table is full,
  the CSS just works round-robin load balancing fashion for subsequence requests ?
  Your information would be appreciated.
  Best regards,

  Hello,
  There is a good document explaining this on Cisco web site
  http://www.cisco.com/en/US/products/hw/contnetw/ps789/products_tech_note09186a0080094b4b.shtml
  It depends if the sticky-inact-timeout is used or not. If not, it's FIFO (the oldest entry in the sticky table is removed). If yes, the CSS will reject the next sticky request.
  Rgds,
  Gaetan
  Rgds
  Gaetan

• MacBook Pro i5 with retina will not recognize WD Passport even though I successfully used it to transfer programs and files from my older MacBook ten days ago. It receives power from the USB, but when using Time Machine I receive the message that there is

  MacBook Pro i5 with retina will not recognize WD Passport even though I successfully used it to transfer programs and files from my older MacBook ten days ago. It receives power from the USB, but when using Time Machine I receive the message that there is not an external device connected.

  If the modem is also a router, either use the modem in bridge and run pppoe client on the TC.. that is assuming ADSL or similar eg vdsl. If it is cable service.. and the modem is a router, then bridge the TC.. go to internet page and select connect by ethernet and below that set connection sharing to bridge.
  Please tell us more about the modem if the above gives you issues.

• I just updated my iphone 4 to ios6 and now I can't keep the wifi connection to stay on. I have to keep entering my wifi password when the phone goes to sleep. How do I keep the wifi connection when I wake up the phone?

  I just updated my iphone 4 to ios6 and I can't keep the wifi connection when the phone goes to sleep. I need to keep entering my wifi password when I wake up the phone. How do I keep the wifi on each time I walk into my house without reentering my password?

  What? Do you work for Apple?
  I have been on the phone for Apple since 5:30 Eastern Time today. We are still on the phone with them. It is 10:14 PM. We are going to get a new phone because the ios6 has major problems! The wifi connectivity is a serious problem. Apple is aware of it. More people need to do something about it. I am willing to start a class action suit against them. I have means to an attorney pro bono. If you are having problems using your iphone 4 or 4s with wifi and ios6...I suggest you spend time calling a senior advisor and get a new phone sent to you. They know they messed up but they can't fix it.

• Can you turn off the charging feature when using accessories?

  Can you turn off the charging feature when using accessories with the iPad?

  You cannot overcharge the battery when using the power adapter. Once the battery is fully charged, the iPad will no longer continue to charge if it is still connected. I leave my iPad on the power adapter for hours on end - on weekends when I am not at work.
  iPad - Charging the Battry
  http://support.apple.com/kb/HT4060
  About the iPad Battery
  http://www.apple.com/batteries/ipad.html
  These are both worthwhile reading for concerns about the battery and how to properly maintain it.
  I know nothing about external speakers with the iPad since I do not use them - but If the speaker is with a dock of some sort that charges the iPad - you should have no worries. If it is a dock that charges the iPad - I know of no way to turn off the charging feature, but it will not shorten the life of the battery anyway as long as the battery is properly maintained and cared for.
  Message was edited by: Demo

• Several of us have a iPhone 6s and are having trouble with hearing and speaking at the same time when using the phone. ? The speakers seem to be too far apart? Are others having this issue? Solutions?

  Several of us have a iPhone 6plus and are having trouble with hearing and speaking at the same time when using the phone. ? The speakers seem to be too far apart? Are others having this issue? Solutions?

  Not having the problem, don't personally know anyone who is.

• Get rid of the initial asterisk when using PasswordField masking in console

  Hi!
  How can I get rid of the initial astrerisk when using the PasswordField script from Sun?
  I've tried to check whether the BufferedReader is empty or not, but with no succes.
  Here comes the code:
  PasswordField.java
  import java.io.*;
  public class PasswordField {
      *@param prompt The prompt to display to the user
      *@return The password as entered by the user
     public static String readPassword (String prompt) {
        EraserThread et = new EraserThread(prompt);
        Thread mask = new Thread(et);
        mask.start();
        BufferedReader in = new BufferedReader(new InputStreamReader(System.in));
        String password = "";
        try {
           password = in.readLine();
        } catch (IOException ioe) {
          ioe.printStackTrace();
        // stop masking
        et.stopMasking();
        // return the password entered by the user
        return password;
  }EraserThread
  import java.io.*;
  class EraserThread implements Runnable {
     private boolean stop;
      *@param The prompt displayed to the user
     public EraserThread(String prompt) {
         System.out.print(prompt);
      * Begin masking...display asterisks (*)
     public void run () {
        stop = true;
        while (stop) {
           System.out.print("\010*");
        try {
           Thread.currentThread().sleep(1);
           } catch(InterruptedException ie) {
              ie.printStackTrace();
      * Instruct the thread to stop masking
     public void stopMasking() {
        this.stop = false;
  }

  Hello Yajai,
  The example program will use the default value for timeout, 10 seconds. To change this, you will have to set the Stream.Timeout value. I inserted this function into the example and set it equal to -1, and the program will wait indefinitely for the trigger signal without timing out. Please see the attached image to how this was implemented.
  I hope this help. Let me know if you have any further questions.
  Regards,
  Sean C.
  Attachments:
  SetTimeout.bmp ‏2305 KB

• TS2570 doesn't work, still the same problem when using Rapidweaver software. NOT with other software.

  i tried everything in this article, but still have the same problem when using Rapidweaver software. NOT with other software. I am converting my iWeb site  to Rapidweaver, whenever there is a calmer period in my office. I have 16 Gb RAM on my NEW iMac and have Parallels desktop, mail, safari, iWeb and Rapidweaver running simultanious.
  I never have the problem if i don't use Rapidweaver, but after i have added several pages to Rapidweaver, the problem begins. my iMac won't start up. the only thing that works is re-installing Macos OS X 10.8. i tried even whiping the completeharddrive, and reinstalling with a complete new user, the same problem.
  I had it on my previous iMac also, and bought a new one because i thought the problem was in the iMac first. i hadn't noticed it only happens with using rapidweaver.
  i sent my complete rapidweaver project to the programmers from rapidweaver at Realmacsoftware, but they couldnt reproduce my problem, there macs started up without any problem.
  i deleted all the rapidweaver addons and extra stacks, and started a complete new project.
  saterday i had the problem again, after adding about 5 new pages to my rapidweaver site.
  i think i have reinstalled Macos OS X 10.8.2 20 or 30 times by now
  does anyone have a sollution?

  Type '''about:support''' in the URL bar and hit Enter.
  Scroll down almost to the bottom of that listing and see if you have '''user.js Preferences''' just above the '''''Graphics''''' category.
  If you do have that, click on '''user.js file''' in this sentence. <br />
  ''Your profile folder contains a user.js file, which includes preferences that were not created by Firefox.''
  Does that "different homepage" appear in that user.js file?