how to enable digestmd5 and crammd5 ?

Dmitriy Kirhlarov dkirhlarov at
Fri Apr 20 06:57:17 EDT 2007

On Fri, Apr 20, 2007 at 10:55:19AM +0200, Goetz Babin-Ebell wrote:

> > 1. have to store plaintext passwords in ldap directory.
> > 2. ACL on ldap directory must be configured for open access to
> > userPassword field for read, not only for auth.
> And with that open a can of worms I don't think Joydeep want to
> open...
> > 3. cyrus imapd must use saslauthd for authentication.
> > 4. saslauthd must have access to users passwords in ldap and must have
> > configured ldapdb_mech option.
> So cyrus can't do plain cram-md5 / digest-md5 with LDAP
> But saslauthd can.
> Something new...


  Shared secrets mechanisms
Put another way, you cannot use saslauthd with these methods.

Auxiliary Properties

   SASLv2 introduces the concept of Auxilliary Properties. That is,
the ability for information related to authentication and
authorization to all be looked up at once from a directory during the
authentication process. SASL Plugins internally take advantage of this
to do password lookups in directories such as the SASLdb, LDAP or a
SQL database. Applications can look up arbitrary properties through

sasl_pwcheck_method: <none>
The mechanism used by the server to  verify  plaintext passwords.
Possible values include "auxprop", ...

May be it can help, but I'm not sure.


More information about the Info-cyrus mailing list