[Date Prev][Date Next]
Re: Basic SASL setup instructions
At 09:21 AM 10/17/00 +0100, Jim Hud wrote:
>>The don't bother with userPassword... setup up Cyrus SASL.
>>Make sure it works (using Cyrus provided sample client and server
>>and -s "ldap"). Then use same mechanism, authentication identities,
>>secrets with slapd.
>Does this mean that the userids and user passwords are not/cannot be held in
>the LDAP database at the server end?
You can store a password in userPassword. Simple bind will use it.
SASL/PLAIN may use it as well if you configure Cyrus SASL to use
an LDAP-enabled pwcheckd or LDAP-enabled PAM.
For SASL/DIGEST-MD5, slapd currently relies on Cyrus SASL to
maintain the secret in its SASLdb. This allows slapd to share
the same user/secret database as other application protocol