SASL and LDAP problem

Gildas Bayard gildas.bayard at
Thu Jul 23 10:38:41 EDT 2009


I'm setting up a new ldap server on ubuntu server 8.04.3 LTS.
man slapd.conf encourages me into using SASL auth for rootdn instead of 
setting the rootpw parameter in slapd.conf.

So I created a user in sasldb with saslpasswd2. sasldblistusers2 give me
admin at coruscant: userPassword which is what is expected.
But then I see that the password there is in plain text so I don't 
really get the advantage of using sasldb then. So I decide to use 
saslauthd instead (which in turn will use pam by default).

My problem is that I could not find how to tell openldap to use 
saslauthd instead of sasldb.

I tried to add a /usr/lib/sasl2/slapd.conf file with this inside (world 
pwcheck_method: saslauthd

But it seems that this file is not read. I see that ubuntu created a 
/etc/ldap/sasl2 directory for me but how could I know if sasl is looking 
in it? How does sasl know it has to look for a slapd.conf file and not 
openldap.conf or whatever.conf? Is it openldap which specifies the conf 
file to use or is it libsasl2?

Could someone shed some light on this subject for me?


More information about the Cyrus-sasl mailing list