[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: 2.2.11 and --enable-kpasswd
Please do not reply to me directly, keep the discussion on
openldap-software.
Today at 10:41pm, Dan wrote:
> Thanks for the info!
>
> This should be manageable. I already run saslauthd to lookup ldap
> accounts for authenticating virtual cyrus imap users. I guess all
> OpenLDAP servers will now need to run saslauthd with kerberos v5.
>
> I guess i will need to start storing password hashes in ldap for these
> virtual users. Or have a seperate box running cyrus just for virtual
> users.
NO! If set up properly, all you need to do is change
{kerberos}userid@realm into {sasl}userid@realm for the value of the
userPassword attribute.
>
> Cheers,
>
> Dan
>
>
> On Thu, 2004-05-27 at 21:28, Frank Swasey wrote:
> >
> > No, this feature is not supported any longer. You can check back
> > through the archives of this list. You will need to set up saslauthd
> > and convert your passwords to {sasl} instead of {kerberos}. Once you
> > get past the typos (that I made...) it works well. RH9's saslauthd
> > needs to be recycled frequently because it leaks memory like a sieve!
>
--
Frank Swasey | http://www.uvm.edu/~fcs
Systems Programmer | Always remember: You are UNIQUE,
University of Vermont | just like everyone else.
=== God bless all inhabitants of your planet ===