LDAP simple bind

Dan White dwhite at olp.net
Tue Dec 4 13:19:41 EST 2007


Shelley Waltz wrote:
> I have a similar configuration running with much older versions of 
> openldap/sasl.
> 
> The objective is to have my imapd/smtp server autheticate users
> using uid/userPassword from my LDAP database in PLAINTEXT with TLS.
> The uid in my LDAP database is simple the username without any domain
> attached.  The userPassword is in {CRYPT} in the LDAP database.

Another approach to this is to configure saslauthd to use PAM 
rather than ldap, then configure the pam_ldap module to bind to 
ldap instead. PAM shouldn't care that the passwords are crypted.

I'm using this approach with crypted userPassword fields, 
although it's also on a rather old version of SASL/OpenLDAP.

It *should* work on newer versions.

- Dan


More information about the Cyrus-sasl mailing list