[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: newbie question. Add SASL Auth.



On Tue, Aug 27, 2002 at 06:40:10PM +0400, Ilya Bassine wrote:

>  But I'd like to add a SASL auth (to store passwords in sasldb)
>  I've tried several configuration, but it doesn't work.
>  Especially the formation of DN taht  should contain UID and AUTH,
>  AUTH-shema (like digest-md5) is not clear for me.

Have you read the latest version of the 2.1 admin guide? The SASL
chapter is at:

	http://www.openldap.org/doc/admin21/sasl.html

This contains several examples, though if you just want to use sasldb
it is very easy:

1)	Make sure you have a username in sasldb, e.g.:

		saslpasswd -c myusername

2)	Make sure that SLAPD is running as a UID that can read the
	SASL database (usually root, though you could consider making
	/etc/sasldb owned by another user if SLAPD is the only thing
	that will access it)

3)	Use the client commands with the -U flag and without -x:

	ldapsearch -U myusername -b 'o=My Organization,c=RU' '(objectclass=*)'

Note that once you have more than one machine involved you need to start
specifying realm names explicitly, as the default is the full hostname
of the machine.

Andrew
-- 
-----------------------------------------------------------------------
|                 From Andrew Findlay, Skills 1st Ltd                 |
| Consultant in large-scale systems, networks, and directory services |
|        Andrew.Findlay@skills-1st.co.uk       +44 1628 782565        |
-----------------------------------------------------------------------