[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP and SASL



Jittinan Suwanrueangsri <jittinan2@gmail.com> writes:

> Hi
>
> I have seen configuration which sasl get password from sasldb .I must
> run saslpasswd2 to create user and password for authentication but Is
> it possible to configure openldap and sasl verify authentication by
> getting password from openldap self like it happen in simple
> binding(userPassword attribute).How can I do it?

There is nothing special to do. ldapsearch -Y DIGEST-MD5 -U foo -w
secret -H ldap://myhost -b dc=example,dc=com ...
All you have to do is to set the userPassword value as plaintext,
otherwise the challenge cannot be created. If you want to parse the
sasl authentication string to a DN, than you have to define a
authz-regexp in in slapd.conf(5) and the user has to have a uid
attribute.

-Dieter

-- 
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:8EF7B6C6
53°37'09,95"N
10°08'02,42"E