OID SSL/SASL/TLS with pam_ldap, nss_ldap
Does anyone know how to get pam_ldap and/or nss_ldap to connect to OID using SSL/SASL/TLS encryption? I have everything working fine unencrypted. It also works fine against OpenLDAP slapd using SSL/LDAPS. I just can't seem to connect to OID using SSL/LDAPS.
It appears that Oracle is doing something different with their SSL auth than the other v3 directory servers (e.g. iPlanet, OpenLDAP, etc.). I believe that's why they hacked together their own directory tools. Any hints, tips, or pointers on the OID LDAPS/SSL implementation, or on how to configure the client-side /etc/ldap.conf, would be greatly appreciated.
I believe that OID uses SASL Digest-MD5 auth, but I have not been able to put together a client configuration that works with the OID beast. I'm not getting any love from Oracle on getting this working, as they don't care much about any of the open source clients or how they connect to their v3-compliant directory (unless you're using PL/SQL, that is).
If you don't have experience with pam_ldap or nss_ldap, any pointers to getting the simple OpenLDAP or Netscape LDAP tools (e.g. ldapsearch, ldapbind, ldapadd, etc.) to bind using LDAPS would be equally useful.
Thanks,
--Mark