admin authentication

Farzad FARID ffarid at
Mon Sep 25 07:51:34 EDT 2006

Marten Lehmann wrote:
> Hello,
> we will use LDAP through saslauthd to authenticate our users.
> Is there a way to authenticate admin-users a different way at the same
> time? Best would be to hardcode a md5-password within the imapd.conf
> or to use /etc/passwd for that. But I don't want to pass everything
> through PAM just to authenticate the admin user.

You can use saslauthd/LDAP for your users and a local sasldb2 file for
your admins. You don't need PAM at all.

I use both LDAP and sasldb with these config lines:

    * sasl_pwcheck_method: auxprop saslauthd
    * sasl_auxprop_plugin: sasldb

The following commands, sasldblistusers2 & saslpasswd2, can be used to
administer the /etc/sasldb2 file.

With this configuration you will have the added benefit of digest-md5 or
cram-md5 authentication for your admins (but not for LDAP users AFAIK,
unless using cleartext password in the LDAP directory, which I wouldn't do).


Farzad FARID <ffarid at>
Architecte Open Source / Pragmatic Source

-------------- next part --------------
An HTML attachment was scrubbed...

More information about the Info-cyrus mailing list