[Date Prev][Date Next]
LDAP -> SASL -> LDAP?
I have two questions regarding SASL and LDAP:
1) As I understand it LDAP can use SASL for authentication of users.
I guess LDAP can be used for a central datastore of userprofiles, containing
user passwords for use with pam_ldap, mailaddresses and so on.
SASL seems to have its own password database /etc/sasldb.
Do I now end up having two locations where a userpassword is stored, i.e.
SASLdb and LDAP, or is there a SASL plugin which fetches the credentials
from an LDAPserver?
If this is the case, am I right assuming that the rootdn/rootpw is to
avoid a chicken and egg problem?
2) Is there any info (FAQ/HowTo) on how to configure slapd.conf for use
3) I saw the configure option "--enable-aci". Is the per-object ACI aproach
going to be the future standard, while yet unstable (it's not
configured by default), or is it only applicable for special situations,
e.g. partial server replication?
Thanks for you comments