[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP and SASL



Aaron Richton wrote:
On Thu, 3 Sep 2009, Jittinan Suwanrueangsri wrote:

I have seen configuration which sasl get password from sasldb .I must run
saslpasswd2 to create user and password for authentication but Is it possible
to configure openldap and sasl verify authentication by getting password from
openldap self like it happen in simple binding(userPassword attribute).How
can I do it?

It's not entirely clear to me, but you may be looking for --enable-spasswd
(configure argument) to allow {SASL} password scheme in the userPassword
attribute. Examples (mostly focusing around Kerberos, I believe) are in
the list archives and probably the FAQ-O-Matic.

No, that tells slapd to ask SASL to do a password check, typically using sasldb. He wants to use in-directory SASL secrets, which is the opposite of what you answered.

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/