SASL Docs

David H. Lynch Jr. dhlii at 1dla.com
Thu Nov 7 18:39:51 EST 2002


While I still hope to get something else working - 

	In my perfect world I would have kerberos working between the
systems (right now I have working krb5.conf, and a keytab, and I can
kinit against the W2K KDC, but saslauthd/pam_krb5, saslauthd/kerberos5
and GSSAPI all are unhappy)
	of course in my dreams either MIT or Heimdal kerberos knows how
to work as the kdc for W2K, and maybe openldap knows how to replace M$'s
LDAP, .... In fact while I am dreaming AutoCAD runs under Linux and W2K
can go to @#$?.

	In a less perfect world (or maybe not) I would have either
saslauthd/pam_smbpass or saslauthd/pam_winbind working.
	I am working on that right now, with marginal success.

	But I could give up soon and then I would settle for anything
that did not require me to maintain multiple user lists all over the
place. Anyway, yes I would greatly appreciate whatever information you
can share on authenticating against a W2K AD. This is probably the only
thing stopping me from killing off exchange. Exchange has died for me
almost every xmas holiday for the past 4 or 5 years, requiring massive
amounts of effort to recover and just generally ruining my holiday. My
goal is to kill it off before it kills me.

	
	


-----Original Message-----
From: owner-info-cyrus at lists.andrew.cmu.edu
[mailto:owner-info-cyrus at lists.andrew.cmu.edu] On Behalf Of Hank Beatty
Sent: Thursday, November 07, 2002 2:26 PM
To: info-cyrus at lists.andrew.cmu.edu
Subject: Re: SASL Docs


David,

I have a setup where I have Cyrus is using saslauthd. Saslauthd is setup
to use PAM. Pam is using PAM_LDAP and PAM_LDAP is authenticating against
a MS AD domain controller.

That was probably the long way around, but it made sense at the time.

If you (or anyone else) is interested in how I did this let me know.






More information about the Info-cyrus mailing list