Re: LDAP authenticaton against PAM how-to

[manu@netbsd.org (Emmanuel Dreyfus)]

Howard Chu <hyc@symas.com> wrote:

> Of course you could always have checked the FAQ.
> http://www.openldap.org/faq/data/cache/944.html

Of course I did check the FAQ. Where do you think I find the idea of
using {SASL}? Note that this FAQ entry does not tell that {SASL} should
be followed by the login. Other FAQ entries that deal with SASL and
kerberos tell about using authz-regex or sasl-regex, it took me a while
to find a setup that actually works. 

By the way, you told me the {SASL} scheme in userPassword was
deprecated. How this should be done, then? Or did I misunderstood your
statement?
 
> As other posters have already indicated, there's plenty of information out
> there, and a search on simple keywords like "SASL" and "userpassword"
> would have been all that was necessary to find the answers in this case.

In order to type that keywords in a search engine, one must already know
that the answer is about having the right thing in userPassword.

> My statement above was an offer to help explain anything you might want
> explained. Frankly I have better things to do with my time than try to teach
> people who are so unwilling to learn. 

I'm not unwilling to learn, it's just that I already found the answer
for the problem about which I was telling my ftrustration. I'm sure
nobody want to loose time answering already resolved questions.

> But yes, if you post "Here's how to do 
> X" and I see that there's something wrong, I will say it's wrong. 

Now I'd by thankful to you if you could tell me why it's wrong, and what
is the right way of doing what I've done.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@netbsd.org