[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: 2.2.11 and --enable-kpasswd
On Fri, 28 May 2004 at 1:12am, Dan wrote:
> > NO! If set up properly, all you need to do is change
> > {kerberos}userid@realm into {sasl}userid@realm for the value of the
> > userPassword attribute.
> >
>
> >From your previous email i got the impression saslauthd was required for
> this. If my saslauthd is configured to use LDAP (as opposed to say
> kerberos) how will it be able to verify passwords? Wouldn't this
> configuration cause a loop or sorts?
Well, if saslauthd is going to turn around and ask LDAP if the password
is correct, then yes -- that's in the dictionary under "loop, endless:
see endless loop" ... "endless loop: see loop, endless" ...
What is recommended is you configure saslauthd to use Kerberos, and then
slapd to use saslauthd.... It's in the archives... Search for
saslauthd, oh... almost a year ago now, I think....
--
Frank Swasey | http://www.uvm.edu/~fcs
Systems Programmer | Always remember: You are UNIQUE,
University of Vermont | just like everyone else.
=== God bless all inhabitants of your planet ===