[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Has anyone found a workaround? SASL/LDAP

On Sat, 4 Oct 2003, Howard Chu wrote:
> I'm not sure I see what advantage you're getting from using SASL and LDAP
> together like this, as you're only getting plaintext authentication. But
> certainly, you can use saslauthd with LDAP directly (and skip the PAM step).
> As the saslauthd is a separate process, there should be no reentrancy issues.
> But in the meantime, there was never any reentrancy issue in the first place.

> Note - this assumes Cyrus SASL 2.1 and OpenLDAP 2.1. If you're using Cyrus
> SASL 1.5, all bets are off; there are far too many bugs remaining in that
> code base.

That was probably a large part of my problem. I was indeed using 1.5. I'm
using SASL 2.1 now, on the box I'm building - but right now I'm using the
latest OpenLDAP RPM for Red Hat 8.0, and that's OpenLDAP 2.0.27. Will
this cause a problem? Should I upgrade to 2.1 before putting any users
onto the server?

Thanks for the comments.

JustThe.net Internet & Multimedia Services
22674 Motnocab Road * Apple Valley, CA 92307-1950 
Steve Sobol, Proprietor 
888.480.4NET (4638) * 248.724.4NET * sjsobol@JustThe.net