Skip to end of metadata
Go to start of metadata

The Person Directory Service and Groups Directory Service require use one of the following authentication methods:

Method

Description

SASL Bind

Standard SASL (Simple Authentication and Security Layer) Bind mechanism is supported. We recommend SASL EXTERNAL (SSL client certificate) authentication using UW Services CA certificates. But SASL GSSAPI (Kerberos) authentication is also supported.

Non-Standard Simple Bind

Non-standard client certificate authentication via standard Simple Bind is supported. Binding with name cn=external and password X509 causes the server to look for an SSL client certificate and use its subject name for the actual bind DN. The SSL connection must be made using a client certificate from the UW Services CA, either on the LDAPS service port (636), or StartTLS negotiated on the normal LDAP port (389).