SASL Multiple Pwcheck methods
Craig Ringer
craig at postnewspapers.com.au
Tue Aug 10 14:28:04 EDT 2004
On Wed, 2004-08-11 at 01:34, Andrew Morgan wrote:
> Sure, just run 'saslauthd -a pam' to use pam authentication, then include
> pam_ldap in your pam config. We do this here to authenticate against the
> /etc/shadow file for the cyrus admin user, and ldap for all the regular
> cyrus users.
Just be careful of leaky PAM modules, and consider the option of running
saslauthd with '-n 1' if leaks become an issue. I also use it with
libpam_ldap and libpam_unix without problems, but if you're using some
other methods things may not go as smoothly. IIRC pam_mysql is a
particularly bad offender.
--
Craig Ringer
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus
mailing list