Table of Contents

Search

  1. Preface
  2. Introduction to PowerExchange
  3. DBMOVER Configuration File
  4. Netport Jobs
  5. PowerExchange Message Logs and Destination Overrides
  6. SMF Statistics Logging
  7. PowerExchange Security
  8. Secure Sockets Layer Support
  9. PowerExchange Alternative Network Security
  10. PowerExchange Nonrelational SQL
  11. PowerExchange Globalization
  12. Using the PowerExchange ODBC Drivers
  13. PowerExchange Datatypes and Conversion Matrix
  14. DTL__CAPXTIMESTAMP Time Stamps
  15. PowerExchange Glossary

LDAP_SASL_MECH Statement

LDAP_SASL_MECH Statement

The LDAP_SASL_MECH statement specifies the authentication mechanism that the Simple Authentication and Security Layer (SASL) uses. You can define this statement if you define the LDAP_TLS statement or the LDAP_OPENSSL statement to require client certification.
Linux, UNIX, and Windows
LDAP_BIND_DN, LDAP_TLS, LDAP_OPENSSL
No
LDAP_SASL_MECH=
SASL_mechanism
For the
SASL_mechanism
variable, specify EXTERNAL. PowerExchange uses the SASL EXTERNAL authentication mechanism with LDAP. With this option, you do not need to specify the identity of the LDAP search user by including the LDAP_BIND_DN statement. Instead, the LDAP search user identity is determined from a TLS client certificate, together with the certificate mapping configuration of the LDAP server.
  • If you do not define the LDAP_BIND_DN statement or the LDAP_SASL_MECH statement, the LDAP client does not attempt to perform a bind and instead performs unauthenticated operations.