To support LDAP clients, all servers must support the LDAP v3 protocol and compound naming and auxiliary object classes. In addition, at least one of the following controls must be supported:
Simple paged-mode (RFC 2696)
Virtual List View controls
The server must support at least one of the following authentication methods.
|
If an LDAP client is using the pam_unix_* modules, the server must support storing passwords in UNIX crypt format.
If an LDAP client is using TLS, the server must support SSL or TLS.
If an LDAP client is using sasl/GSSAPI, the server must support SASL, GSSAPI, Kerberos 5 authentication. Support for GSS encryption over the wire is optional.