[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
OpenLDAP and Cyrus SASL
When using SASL with OpenLDAP do I need to add an entry into the LDAP
directory specifically for authentication?
I am of the understanding that I don't, instead I use a login name on the
LDAP server like
uid=someuser,cn=DIGEST-MD5,cn=auth
With the SASL-regexp directive set as
sasl-regexp
uid=(.*),cn=.*,cn=auth
uid=$1,ou=People,o=myorganisation
I'm a little confused as to how these plug together so please help!
If this isn't the case could someone tell me what I need to do to get users
authenticating against SASL?
i.e. what I should put in an LDIF file to add to the LDAP server
I would also like to know if I can store the manager password in SASL?
Also what access controls could I use so anyone in the sales ou could write
to that ou and read from all others, but users who haven't authenticated
can't read anything?
Thanks in advance
Karl
Extra information
-----------------
openldap-2.0.23-4 (is linked against SASL)
ldbm database
cyrus-sasl-2.1.2-1
OS: redhat 7.3
also using SASL for Cyrus IMAPd and in the future SMTP auth.