Wanted: an example imapd.conf for authenticating against Active Directory

Igor Brezac igor at ipass.net
Fri Jul 9 10:42:07 EDT 2004


On Fri, 9 Jul 2004, Mohamed Magdi Abbas wrote:

> Igor Brezac wrote:
>
> >On Thu, 8 Jul 2004, Paul Boven wrote:
> >
> >
> >
> >>Hi everyone,
> >>
> >>For a new customer, I'm setting up a Cyrus server that will have to
> >>authenticate against an Active Directory server.
> >>
> >>So far, I've gotten Kerberos, TSL, SASL all working together from the
> >>command-line with ldapsearch, so what remains is to build an imapd.conf
> >>and have Cyrus play nice with the ADS. But here are about 3 pages of
> >>ldap-options to imapd.conf, and I still don't know what attribute to use
> >>to check authentication against, so I'm a bit stuck for inspiration.
> >>
> >>
> >>
> >
> >These are pts related commands.  You need to look at cyrus-sasl
> >documentation ($cyrus-sasl-src/doc)
> >
> >
> As a side question: the pts ldap support is labeled experimental in
> cyrus-imapd 2.2.6. What does that mean? Is it not stable, prone to
> crash? Or is it just not well tested. I would like to use in our
> production environment, but have been reluctant sicne it's labeled
> experimental.

I'd use it in production, but my opinion is biased because I wrote most
of the code.  The code is very similar to the saslauthd ldap code which
has been used in production environments for quite some time.

I would download the CVS version of /ptclient/ldap.c.  It has some minor
fixes and a possible memory corruption.

-- 
Igor
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html




More information about the Info-cyrus mailing list