SASL and LDAP problem
gildas.bayard at hds.utc.fr
Thu Jul 23 10:38:41 EDT 2009
I'm setting up a new ldap server on ubuntu server 8.04.3 LTS.
man slapd.conf encourages me into using SASL auth for rootdn instead of
setting the rootpw parameter in slapd.conf.
So I created a user in sasldb with saslpasswd2. sasldblistusers2 give me
admin at coruscant: userPassword which is what is expected.
But then I see that the password there is in plain text so I don't
really get the advantage of using sasldb then. So I decide to use
saslauthd instead (which in turn will use pam by default).
My problem is that I could not find how to tell openldap to use
saslauthd instead of sasldb.
I tried to add a /usr/lib/sasl2/slapd.conf file with this inside (world
But it seems that this file is not read. I see that ubuntu created a
/etc/ldap/sasl2 directory for me but how could I know if sasl is looking
in it? How does sasl know it has to look for a slapd.conf file and not
openldap.conf or whatever.conf? Is it openldap which specifies the conf
file to use or is it libsasl2?
Could someone shed some light on this subject for me?
More information about the Cyrus-sasl