3.1.1.3.4.5 LDAP SASL Mechanisms

The following sections describe the SASL mechanisms that are implemented by DCs. SASL is described in [RFC2222], and the usage of SASL and other authentication methods in LDAP is described in [RFC2829]. The SASL mechanisms supported by a DC are exposed as strings in the supportedSASLMechanisms attribute of the rootDSE.

Not all applicable Windows Server releases and Active Directory Application Mode (ADAM) versions support all the LDAP SASL mechanisms. The following table indicates where the SASL mechanisms are supported.

Mechanism name

Windows 2000 operating system

Windows Server 2003 operating system and later

AD LDS

GSSAPI

 X

 X

X

GSS-SPNEGO

 X

 X

X

EXTERNAL

 X

X

DIGEST-MD5

 X

X

Additional details of LDAP authentication in Active Directory are in section 5.1.

Show: