We are now starting to use the LDS but we have an issue with the DIGEST-MD5 bindings.
This biddings is working find with Proxy user ( synchronized with the AD ) but not specific LDS User.
Here is the code i use......to test the login with both type of user
We've take a look in different sources and we check that supportedSASLMechanisms contains the DIGEST-MD5 format.
We also add the ADAMDisableSSI=0 like the documentation says.
But the login failed with MD5, we are able to see the log of what happen (see below)
The error is AcceptSecurityContext error, data 52e which means that the paswword does not fit.
What we think is that for DIGEST-MD5 to work , client's password must be stored using reversible encryption so that the authentication agent (AD) can retrieve the password in clear text and then calculate the hash H().
But how to do it ?
We would appreciate if someone can give us a clue on this topic