Postfix, SASL and LDAPDB: no worthy mech found

Dieter Kluenter dieter at dkluenter.de
Thu May 20 12:15:28 EDT 2010


Howard Chu <hyc at highlandsun.com> writes:

> Dan White wrote:
>> On 20/05/10 16:59 +0200, Dieter Kluenter wrote:
>>> Julien Vehent<julien at linuxwall.info>  writes:
>>>
>>>> Hello Cyrus folks,
>>>>
>>>> I'm trying to make postfix query slapd through ldapdb/sasl (without
>>>> saslauthd).
>>>> My systems runs on debian squeeze.
>>>>
>>>> I have configured postfix's sasl/smtpd.conf as follow and can see TCP
>>>> connections going to slapd.
>>>>
>>>> ----
>>>> pwcheck_method: auxprop
>>>> auxprop_plugin: ldapdb
>>>> mech_list: DIGEST-MD5 PLAIN LOGIN
>>>> ldapdb_uri: ldap://localhost
>>>> ldapdb_id: postfix
>>> ^^^^^^^^^^^^^^^^^^^^^
>>>
>>> this has to be a DN.
>>
>> I don't believe that is correct. ldapdb should work with any sasl identity,
>> either explicitly specified or derived via GSSAPI or EXTERNAL.
>
> Dieter is wrong. ldapdb_id uses SASL IDs, as plainly documented in the
> options.html docs. SASL Binds don't use DNs.

I got confused by an other project, I clearly state in my own docs
that it has to be a sasl ID.

-Dieter

-- 
Dieter Klünter | Systemberatung
sip: +49.40.20932173
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6


More information about the Cyrus-sasl mailing list