can I use encrypted ldap_bind_pw ?

JOYDEEP j.bakshi at unlimitedmail.org
Wed Apr 18 00:53:51 EDT 2007


Dmitriy Kirhlarov wrote:
> On Tue, Apr 17, 2007 at 05:10:40PM +0530, JOYDEEP wrote:
>
>   
>> I am using openldap2 and my cyrus -imap is based on ldap authentication.
>>
>> in my  /etc/sysconfig/saslauthd the password entry is clear text like
>> ldap_bind_pw: secret
>>
>> can I use the encrypted password which I have in slapd.conf file ?
>>     
>
> No.
> saslauthd need clear text password for binding procedure.
> But, you can use anonymous binding (for me it's more secure).
>   

Hi dmitriy,
thanks for the answer.  but I can't understand how anonymous can secure
the system.
I see people shouting for disallow_bind_anonymous. any how here is my
saslauthd.conf file
with clear text password

ldap_servers: ldaps://linux.kolkatainfoservices.in:636
ldap_bind_dn: cn=Manager,dc=kolkatainfoservices,dc=in
ldap_bind_pw: secret ### CLEAR test PASSWWORD !!! #####
ldap_search_base:  ou=Users,dc=kolkatainfoservices,dc=in
ldap_version: 3
ldap_filter: uid=%U
ldap_default_domain: kolkatainfoservices.in


> WBR.
> Dmitriy
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>
>
>   



More information about the Info-cyrus mailing list