[Date Prev][Date Next]
Re: LDAP and SASL...
-----BEGIN PGP SIGNED MESSAGE-----
...whoops, I meant to post back to the list, too. Sorry for the duplicate.
Thanks for your reply! You're right, I did mean to say testsaslauthd.
| Then you're suffering from the same misconception that I have been.
| saslauthd does nothing except auth mechs PLAIN and LOGIN (both
Maybe I'm confusing some things. Is this differant than the mech you
give it upon starting it? (i.e. saslauthd -a kerberos5)
| That's not what that means. It means that plaintext authentication via
| saslauthd is working (probably checking sasldb for the password).
| That's all. It's not looking in your LDAP directory for the passwords
| there or at your KDC.
When I issues the 'testsaslauthd -u tobias -p passwd' I get this in my
2004-10-22T06:07:41 AS-REQ tobias@PLAYGROUND.NET from IPv4:192.168.44.12
2004-10-22T06:07:41 Using des3-cbc-sha1/des3-cbc-sha1
2004-10-22T06:07:41 sending 605 bytes to IPv4:192.168.44.12
2004-10-22T06:07:41 TGS-REQ tobias@PLAYGROUND.NET from
IPv4:192.168.44.12 for host/swiss.playground.net@PLAYGROUND.NET
2004-10-22T06:07:41 sending 620 bytes to IPv4:192.168.44.12
...so thats why I thought it was working against kerberos. I didn't
think it was hitting ldap.
So, is what I'm wanting to do even possible?
user -> some service -> pam (using pam_ldap.so) -> slapd (tries to auth
and continues to sasl) -> sasl -> kerberos(windows kdc).
Many thanks again for your time, Kevin.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (MingW32)
-----END PGP SIGNATURE-----