LDAP simple bind
Dan White
dwhite at olp.net
Tue Dec 4 13:19:41 EST 2007
Shelley Waltz wrote:
> I have a similar configuration running with much older versions of
> openldap/sasl.
>
> The objective is to have my imapd/smtp server autheticate users
> using uid/userPassword from my LDAP database in PLAINTEXT with TLS.
> The uid in my LDAP database is simple the username without any domain
> attached. The userPassword is in {CRYPT} in the LDAP database.
Another approach to this is to configure saslauthd to use PAM
rather than ldap, then configure the pam_ldap module to bind to
ldap instead. PAM shouldn't care that the passwords are crypted.
I'm using this approach with crypted userPassword fields,
although it's also on a rather old version of SASL/OpenLDAP.
It *should* work on newer versions.
- Dan
More information about the Cyrus-sasl
mailing list