Hi Per,

Thanks for your reply.

389-users-bounces@lists.fedoraproject.org wrote on 19.05.2010 13:32:36:
> Is the ldap server configured for sasl?


> it would seem that the osx
> client tries with sasl and only sasl when that does not work it unbinds
> and does not try simple bind, it may see that the ldap server is showing
> sasl as a available authentication method but it is not really
> available, can you exec login into it?

This is what I try to figure out right now. I am just searching where
to switch of some SASL methods (or SASL at all) in 389ds. Do you know
where this can be done. Haven't found anything yet (beside of the ./configure
switches). I am searching something which does not require a recompile.

> also did you reboot the mac box
> after configuring the ldap login?
Sure. But it was reproducable without reboot. If my password was

stored cleartext I could log in. If I changed it back to SSHA or MD5
login was no longer possible.