saslauthd with ldap
Igor Brezac
igor at ipass.net
Mon Apr 5 19:08:40 EDT 2004
On Mon, 5 Apr 2004, Adi Linden wrote:
> > ldap_servers: ldapi:///
> > ldap_auth_method: fastbind
> > ldap_filter: uid=%u,dc-example,dc=com
>
> I have things working now. Had one of those dooooh moments... The user dn
> is uid=%u,ou=people,dc=example,dc=com and not uid=%u,dc-example,dc=com.
>
> This works too:
>
> ldap_auth_method: bind
> ldap_servers: ldap://172.28.1.22
> ldap_search_base: ou=people,dc=example,dc=com
> ldap_use_sasl: no
> ldap_method: simple
You can remove this param. It does not exist.
This config assumes you use 'ldap_filter: uid=%u'
> But the first method appears much faster.
'ldap_auth_method: fastbind' is faster because saslauthd does not need to
search (ldap server) for user's DN.
For a small number of authentications the speed difference should not be
noticed. You must not have an index for uid.
Regards,
--
Igor
---
Home Page: http://asg.web.cmu.edu/cyrus
Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus
mailing list