SASL Docs

[Ken Murchison]

"David H. Lynch Jr." wrote:
> 
> Ron, Thank you;
> 
>         I am still trying to "grok" the authentication/authorization
> process for Cyrus IMAP.
> 
>         It does not help that virtually all the "HOWTO's" that are on
> the net, as well as the book,
>         are all pretty much obsolete and this particular issue is the
> one they are most out of date about.
> 
>         I am not trying to be negative.
>         I greatly appreciate the enormous amount of effort that has been
> put into Cyrus IMAP,
>         and appreciate the fact that CMU, and Ken and the rest of you
> have made it available to the rest of us.
> 
>         But I am also very frustrated.
> 
>         Most aspects of setting Cyrus IMAP up are not particularly
> difficult.
>         But authorization/authentication is excruciatingly complex.
> 
>         I looked through doc/sysadmin.html. It does answer a few of my
> questions, but not most of them.
>         I also looked through doc/options.html but it still does not
> give me a clue how the NTLM method
>         knows what domain or server to query.


The NTLM plugin currently does not query a server, it simply uses the
password that it gets from the auxprop plugin.  I thought about checking
against a server (as an option) but didn't feel like doing the work.  In
lieu of this (unless you actually _need_ the NTLM mechanism), you can
use something like pam_smb with saslauthd to authenticate against an NT
server (I use it here).

-- 
Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp