auth against active directory?

[Bill Kearney]

But since cyrus 2.2 has the ability to speak LDAP directly where's the need
to use saslauthd any longer?

----- Original Message ----- 
> > Heh, 'easy enough' and LDAP rarely seem to be found together.  Throw in
SASL
> > and it /really/ goes downhill.
> >
> > I figure it should be easy but given that I've never actually made a
> > 'generic' LDAP connection to an active directory I'm not entirely sure
where
> > to start.  And given the potential for amount of time fiddling with sasl
is
> > known to absorb I'm doubly cautious.
>
> I use cyrus-imapd -> saslauthd -> pam_ldap -> iplanet directory server.
>
> At our site, we create unix accounts by creating ldap entries in the
> iplanet directory server, then we create matching, synchronized accounts
> in AD for Windows.  To the end users, it appears as one account.
>
> I don't authenticate against AD for cyrus, but I'm fairly familiar with
> using LDAP to talk to AD.  Do you have any specific questions?  I know of
> no reason it wouldn't work using pam_ldap as above.