ldap auxprop plugin on centos4/rhel4?

Aleksandar Milivojevic alex at milivojevic.org
Fri Mar 10 14:04:29 EST 2006


Quoting Igor Brezac <igor at ipass.net>:

> You need to configure proxy authorization in order for ldapdb to 
> work. This is noted in the cyrus-sasl docs (options.html).  If you 
> have trouble configuring proxy authorization, I suggest you move this 
> discussion to the openldap software list.

OK, I see...  I'll try that and see what happens.

>> BTW, would it be possible to use simple bind with ldapdb cyrus-sasl 
>> module? Simple bind ovar SSL/TLS would work for me.  It would even 
>> simplify things on LDAP server side since I wouldn't need to support 
>> SASL on it.
>
> There may be some complexity on the openldap server side, but the 
> client config becomes far more simple.

Yup.  Which is good thing sometimes.  Sometimes it isn't.  The old way 
with simple binds, I could have defined ldap_filter differently for 
each client and have client check for additional (client specific) 
attributes in order to authenticate user (basically combining 
authentication and authorization into single operation).

-- 
See Ya' later, alligator!
http://www.8-P.ca/

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.




More information about the Info-cyrus mailing list