auth_pam.c patch (fwd)

Dmitriy Kirhlarov dkirhlarov at oilspace.com
Wed Nov 16 04:18:00 EST 2005


On Tue, Nov 15, 2005 at 09:58:51PM +0100, iMil wrote:
> i am working on a mail solution based on sendmail, ldap and saslauthd. To
> authenticate users, i choosed to use pam_ldap in conjunction with
> saslauthd. My users are identified with they usernames assosiated with

Is your really need use saslauthd + pam_ldap? Why you can't just use
saslauthd?

> It applies to version 2.1.21 (from FreeBSD ports), hope you'll like it

$ cd /usr/ports/security/cyrus-sasl2-saslauthd; make -DWITH_OPENLDAP install

$ saslauthd -v
saslauthd 2.1.21
authentication mechanisms: sasldb getpwent kerberos5 pam rimap ldap
                                                               ^^^^
$ echo "ldap_servers: ldaps://...
ldap_tls_cacert_file: ...
ldap_search_base: ou=users,o=%2
ldap_default_realm: domain.com" > /usr/local/etc/saslauthd.conf

$ /usr/local/sbin/saslauthd -a ldap -O /usr/local/etc/saslauthd.conf

Your users can use short name such as "vasia", if they in
ou=users,o=domain, and "vasia at another_domain.com" for
ou=users,o=another_domain

I think you not need patches and not need using pam_ldap.

-- 
Dmitriy Kirhlarov
OILspace, 26 Leninskaya sloboda, bld. 2, 2nd floor, 115280 Moscow, Russia
P:+7 095 105 7247 ext.203 F:+7 095 105 7246 E:DmitriyKirhlarov at oilspace.com
OILspace - The resource enriched - www.oilspace.com


More information about the Cyrus-sasl mailing list