SASL over LDAP don't work

Dieter Kluenter dieter at dkluenter.de
Tue Dec 11 04:29:31 EST 2007


"NguyenHuynh" <huynhnguyen at mikorn.com> writes:

> SASL over LDAP
>
> I’m trying to use SASL over LDAP for authentication but it still doesn’t work yet
>
> Details:
>
> OS: FreeBSD
>
> Packages:
>
> cyrus-sasl-2.1.22   RFC 2222 SASL (Simple Authentication and Security Layer)
>
> cyrus-sasl-ldapdb-2.1.22 SASL LDAPDB auxprop plugin
>
> cyrus-sasl-saslauthd-2.1.22 SASL authentication server for cyrus-sasl2
>
> postfix-current-2.5.20071006,4 A secure alternative to widely-used Sendmail
>
> Configure SASL in  main.cf for postfix:
>
> ………………..
>
> smtpd_sasl_auth_enable = yes
>
> smtpd_recipient_restrictions = permit_sasl_authenticated, reject_unauth_destination,
>     permit_mynetworks, reject
>
> smtpd_sasl_authenticated_header = yes
>
> ………………..
>
> Configure SASL for authentication:
>
> #vi /usr/local/lib/sasl2/smtpd.conf
>
> pwcheck_method: saslauthd
>
> auxprop_plugin: ldap

You should use either saslauthd or ldapdb; I prefer ldapdb.
This is my smtpd.conf:

pwcheck_method: auxprop
auxprop_plugin: ldapdb
ldapdb_uri: ldap://server.meine-firma.de
# ldapdb_uri: ldapi://%2Fvar%2Frun%2Fldapi
ldapdb_id: mailadmin
ldapdb_pw: secret
ldapdb_mech: DIGEST-MD5
# ldapdb_starttls: try

-Dieter


-- 
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:8EF7B6C6
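
An added example (not part of the message above and not Cyrus SASL code): a small Python check for an smtpd.conf that flags the mixed saslauthd/auxprop setup from the question, an ldap:// URI with no ldapdb_starttls request, and a world-readable file holding ldapdb_pw. The function names and finding labels are hypothetical; the two sample configurations are the ones quoted in this thread.

```python
# Added illustration; function names and finding labels are hypothetical.
ASKER_CONF = "pwcheck_method: saslauthd\nauxprop_plugin: ldap\n"  # from the question
REPLY_CONF = """\
pwcheck_method: auxprop
auxprop_plugin: ldapdb
ldapdb_uri: ldap://server.meine-firma.de
# ldapdb_uri: ldapi://%2Fvar%2Frun%2Fldapi
ldapdb_id: mailadmin
ldapdb_pw: secret
ldapdb_mech: DIGEST-MD5
# ldapdb_starttls: try
"""  # from the reply


def parse_sasl_conf(text):
    """Return {option: value} from 'key: value' lines; '#' lines are comments."""
    opts = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition(":")
        if sep:
            opts[key.strip()] = value.strip()
    return opts


def lint(opts, file_mode=None):
    """Return a list of finding labels for a parsed smtpd.conf."""
    findings = []
    plugin = opts.get("auxprop_plugin")
    # The reply's advice: choose saslauthd or an auxprop plugin, not both.
    if opts.get("pwcheck_method") == "saslauthd" and plugin:
        findings.append("mixed-backends")
    if plugin == "ldapdb":
        uri = opts.get("ldapdb_uri", "")
        if not uri:
            findings.append("missing-ldapdb_uri")
        # ldap:// with no StartTLS request leaves the LDAP session unprotected by TLS.
        elif uri.startswith("ldap://") and opts.get("ldapdb_starttls") not in ("try", "demand"):
            findings.append("no-starttls")
        # ldapdb_pw is a cleartext proxy credential; the file must not be world-readable.
        if "ldapdb_pw" in opts and file_mode is not None and file_mode & 0o004:
            findings.append("world-readable-secret")
    return findings


if __name__ == "__main__":
    print(lint(parse_sasl_conf(ASKER_CONF)))         # asker's settings
    print(lint(parse_sasl_conf(REPLY_CONF), 0o644))  # reply's settings, mode 0644
```

Pass the mode from `os.stat(path).st_mode` when checking a real file.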

