ffarid at pragmatic-source.com
Mon Sep 25 07:51:34 EDT 2006
Marten Lehmann wrote:
> we will use LDAP through saslauthd to authenticate our users.
> Is there a way to authenticate admin-users a different way at the same
> time? Best would be to hardcode a md5-password within the imapd.conf
> or to use /etc/passwd for that. But I don't want to pass everything
> through PAM just to authenticate the admin user.
You can use saslauthd/LDAP for your users and a local sasldb2 file for
your admins. You don't need PAM at all.
I use both LDAP and sasldb with these config lines:
* sasl_pwcheck_method: auxprop saslauthd
* sasl_auxprop_plugin: sasldb
The following commands, sasldblistusers2 & saslpasswd2, can be used to
administer the /etc/sasldb2 file.
With this configuration you will have the added benefit of digest-md5 or
cram-md5 authentication for your admins (but not for LDAP users AFAIK,
unless using cleartext password in the LDAP directory, which I wouldn't do).
Farzad FARID <ffarid at pragmatic-source.com>
Architecte Open Source / Pragmatic Source
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Info-cyrus