Seau Yeen Su wrote: > > 1. Yes, i am talking about SASL bind with password-based mechs. What do > you mean by in-directory passwords? Where are the in-directory passwords > stored? How do i set userPassword attributes? The userPassword attribute is an attribute like any other attribute within the user's directory entry. See entry > 2. Again, what do you mean by the directory? Well, simply your LDAP server with the database. > 3. Can you give an example of slapd.conf with configuration for a > digest-MD5 SASL authenticaion method? I am pretty lost now. All that you > mention i have read before but i just don't know how to piece them all > together. Well, I don't want to be rude but you should probably do some more reading. I've attached a tar.gz with a testbed configuration I've prepared for SASL testing with the CAS SSO project. But judging from some of your questions it seems you might also be lost with this. > For, eg, if i > set rootpw to admin, the password i provide when ldap prompts for > password, should be "admin"? Yes, then the password is simply "admin" and you should be able to use SASL/DIGEST-MD5 bind. > 5. What do you mean by grant access to users? Can you please explain more? You should read about access control: http://www.openldap.org/doc/admin24/access-control.html http://www.openldap.org/faq/data/cache/189.html Ciao, Michael.
Attachment:
openldap-testbed-CAS.tar.gz
Description: GNU Zip compressed data