[Date Prev][Date Next] [Chronological] [Thread] [Top]

LDAP and SASL problem

To: openldap-software@openldap.org
Subject: LDAP and SASL problem
From: Gildas Bayard <gildas.bayard@hds.utc.fr>
Date: Thu, 23 Jul 2009 16:35:40 +0200
User-agent: Thunderbird 2.0.0.22 (X11/20090608)

Hello,

I'm setting up a new ldap server on ubuntu server 8.04.3 LTS.

man slapd.conf encourages me into using SASL auth for rootdn instead ofsetting the rootpw parameter in slapd.conf.


So I created a user in sasldb with saslpasswd2. sasldblistusers2 give me
admin@coruscant: userPassword which is what is expected.

But then I see that the password there is in plain text so I don'treally get the advantage of using SASL then. So I decide to usesaslauthd instead (which in turn will use pam by default).

My problem is that I could not find how to tell openldap to usesaslauthd instead of sasldb.

I tried to add a /usr/lib/sasl2/slapd.conf file with this inside (worldreadable):

pwcheck_method: saslauthd

But it seems that this file is not read. I see that ubuntu created a/etc/ldap/sasl2 directory for me but how could I know if sasl is lookingin it? How does sasl know it has to look for a slapd.conf file and notopenldap.conf or whatever.conf?


Could someone shed some light on this subject for me?

Cheers,
Gildas

Follow-Ups:
- Re: LDAP and SASL problem
  - From: "Dieter Kluenter" <dieter@dkluenter.de>

Prev by Date: NameAndOptionalUID (was: OpenLDAP 2.4.16: can not add multiple 'member' attributes to object groupOfNames)
Next by Date: RE: performance issue behind a a load balancer 2.3.32
Index(es):
- Chronological
- Thread