[Date Prev][Date Next] [Chronological] [Thread] [Top]

DIGEST-MD5 and CRAM-MD5 again.


Alright, I have LDAP auth (for this time, cyrus->saslauthd->openldap)
working with PLAIN and LOGIN. For I'm using TLS between MUAs and cyrus it
would be enough, but I also want to add MD5-CRAM & MD5-DIGEST to this.

Now I have to admit I'm stuck and need a help.

It's a pity, but O'Reilly's "LDAP System Administration" becomes too laconic
when it comes to SASL. The short example from this book describes
Kerberos-based solution. I agree, it is useful for those who's running
Kerberos, but completely useless for those who's not.

Can anyone to show me what have to be changed to add this functionality?

Should slapd.conf still include rootpw & rootdn? If not, how openldap decides
who have right to perform different actions on its tree - basing on ACLs?

I'm sorry I'm asking too many questions in one letter, but I feel I'm lost
with this...

Igor A. Karpov    phone: +380(44)238-0624 JID:jc@mash.minjust.gov.ua
Unix System Administrator                   

	     /* My comments do not represent my views. */