[Date Prev][Date Next]
Re: APP -> SASL -> PAM -> LDAP Best Practices?
Em Mon, Jul 16, 2001 at 09:13:53AM -0400, Adam Tauno Williams escreveu:
> >What is the best way to setup the above routine? I am a little
> >If LDAP is using SASL to bind users, and SASL is using PAM to lookup
> >users, and PAM is using LDAP to find users??? (-:
> SASL uses PAM? I'm confused.
It can use PAM if configured to do so. Just set pwcheck_method: pam in
pam_ldap will not use SASL, it will use simple bind. Therefore, the loop is
broken and it "should work"(tm).
And it is sort of confusing, yes.
> >Is there a "Best Pratices" doc somewhere?
> I'd like to find some decent documentation, period. I've implemented Kerberos
> V, and things like LDAP use SASL/GSSAPI which is great when it works. But
> finding information on configuring or trouble shooting GSS has been pretty
> tough. Any links would be appreciated. I'll add it to my Kerberos V presentation.
This one helped me a lot, although I don't use kerberos:
Also the SASL docs were very useful (after I understood the concept...).
And, of course, the archives of this mailing list, I still have some saved