saslauthd with ldap

Igor Brezac igor at ipass.net
Mon Apr 5 19:08:40 EDT 2004


On Mon, 5 Apr 2004, Adi Linden wrote:

> > ldap_servers: ldapi:///
> > ldap_auth_method: fastbind
> > ldap_filter: uid=%u,dc-example,dc=com
>
> I have things working now. Had one of those dooooh moments... The user dn
> is uid=%u,ou=people,dc=example,dc=com and not uid=%u,dc-example,dc=com.
>
> This works too:
>
> ldap_auth_method: bind
> ldap_servers: ldap://172.28.1.22
> ldap_search_base: ou=people,dc=example,dc=com
> ldap_use_sasl: no
> ldap_method: simple

You can remove this param.  It does not exist.

This config assumes you use 'ldap_filter: uid=%u'

> But the first method appears much faster.

'ldap_auth_method: fastbind' is faster because saslauthd does not need to
search (ldap server) for user's DN.

For a small number of authentications the speed difference should not be
noticed.  You must not have an index for uid.

Regards,
-- 
Igor
---
Home Page: http://asg.web.cmu.edu/cyrus
Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html




More information about the Info-cyrus mailing list