
sasl and openldap.



Hi,

After finally getting my head around some of the sasl ideas, I have some
questions on how to use sasl in the context of openldap.

1. Does the use of ldap and sasl imply that the passwords are stored in the
sasldb?
I.e.: authclient (e.g. mailprog) -> machine -> ldap -> sasl -> sasldb

2. To use sasl auth in ldap, do you have to make an Openldap.conf file in the
sasl plugin dir?

3. If you use sasl_password_check: pam and pam ldap, wouldn't that look a
bit weird?

e.g. cyrus imapd -> sasl -> ldap -> pam -> ldap ?
or ...?

or, how does this work?

Part of the reason I'm asking is because some of my ldap clients (mainly
the gui ones for my pc) seem to be using ldap_sasl_bind when connecting
(weird, huh?) and I get errors that the slapd cannot access the sasldb file,
which is logical since slapd is running as user ldap and sasldb is owned by
root. I do not want to use sasldb btw, but have everything in my ldap db as
I'm using my server both for pam_ldap and samba-tng authentication.

I hope I can get some input on this.

Tarjei