3.1.1.3.4.5 LDAP SASL Mechanisms
The following sections describe the SASL mechanisms that are implemented by DCs. SASL is described in [RFC2222], and the usage of SASL and other authentication methods in LDAP is described in [RFC2829]. The SASL mechanisms supported by a DC are exposed as strings in the supportedSASLMechanisms attribute of the rootDSE.
Not all applicable Windows Server releases and Active Directory Application Mode (ADAM) versions support all the LDAP SASL mechanisms. The following table indicates where the SASL mechanisms are supported.
|
Mechanism name |
Windows 2000 operating system |
Windows Server 2003 operating system and later |
AD LDS |
|---|---|---|---|
|
GSSAPI |
X |
X |
X |
|
GSS-SPNEGO |
X |
X |
X |
|
EXTERNAL |
|
X |
X |
|
DIGEST-MD5 |
|
X |
X |
Additional details of LDAP authentication in Active Directory are in section 5.1.