Enabling PLAIN LDAP binds on OSX 10.7 Lion and 10.8 Mountain Lion

OSX 10.7 and 10.8 have some issues talking to OpenLDAP and 389 (Red Hat Directory Server), because the server advertises non-plain BINDs in the root DSE entry, but these binds don't work when your user entries have hashed passwords (which they should).

PS: 10.7.0 and 10.7.1 are horribly broken and should not be used by anyone for LDAP related work. 10.8.0 seems okay at first glance.

Shamelessly borrowing from the following blog entry

....however I prefer the following shell:

for plist in  /Library/Preferences/OpenDirectory/Configurations/LDAPv3/*.plist
    for method in CRAM-MD5 NTML GSSAPI
        /usr/libexec/PlistBuddy -c "add ':module options:ldap:Denied SASL Methods:' string $method" $plist
killall opendirectoryd        # this refreshes cache