[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Problems Enabling Authentication using Cyrus SASL
Fernando Torrez <fernando_torrez@hotmail.com> writes:
> Hi all
>
> I got work sasl authentication to access ldap server by correcting two things:
> 1.- inserting the proxyuser's userpassword in clear text (userPassord=secret)
> 2.- fixing the proxyuser's authzTo atributte to
> authzTo: ldap:///ou=people,dc=plainjoe,dc=org??sub?(objectClass=account)
> (results at the end of this mail)
>
> As far as it can be seen, there's no need for cyrus-sasl for these matter
>
> but my final purpose is to enable Cyrus-sasl with openldap as backend to
> authenticate users for cyrus-imapd and postfix services.
> Any hints would be appreciated.
As you have SASL and proxy user running already check whether there is
a libldapdb in /usr/lib/sasl2, if so, all you you have to do is edit
a smtpd.conf and imapd.conf and allow postfix and cyrus-imapd to to
sasl authentication. Just as an example a /etc/sasl2/smtpd.conf
pwcheck_method: auxprop
auxprop_plugin: ldapdb
mech_list: PLAIN LOGIN DIGEST-MD5
ldapdb_uri: ldap://localhost
ldapdb_id: mailadmin
ldapdb_pw: xxxxx
ldapdb_mech: DIGEST-MD5
ldapdb_rc: /etc/sasl2/ldaprc
ldapdb_starttls: demand
The file /etc/sasl2/ldaprc contains TLS configuration.
-Dieter
--
Dieter Klünter | Systemberatung
sip: 7770535@sipgate.de
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6