[Date Prev][Date Next] [Chronological] [Thread] [Top]

LDAP+SASL

To: OpenLDAP <openldap-software@OpenLDAP.org>
Subject: LDAP+SASL
From: Robert Fitzpatrick <lists@webtent.net>
Date: Wed, 21 Jun 2006 09:26:26 -0400
Organization: WebTent Networking, Inc.

Trying to get a clear understanding of the possibilities with OpenLDAP.
I have used OpenLDAP for a while now, but only with PLAIN login within
secure environments and simple security objects. I also use Cyrus IMAPd
and have 'saslauthd -a ldap' handling the authentication. Now comes the
part I am unclear about. I understand OpenLDAP supports SASL
authentication to give me a more secure type login. I believe I also
read once that OpenLDAP does not use saslauthd, but works with SASL
directly? Looking at the example in the Faq-O-Matic for using with SASL
and KerberosV, does this mean by using SASL auth, I must move
authentication out of LDAP and into Kerberos or sasldb? If so, then
PLAIN text is the only option for LDAP based auth?

I am currently running OpenLDAP 2.3.30 Sorry for my ignorance on the
subject after dealing with LDAP for a while now and reading more than
one book. Also, if this belongs in a more general LDAP lists, can
someone send me the mailing list info?

Thanks in advance!
-- 
Robert

Follow-Ups:
- Re: LDAP+SASL
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: help with set acl
Next by Date: access control
Index(es):
- Chronological
- Thread