[Date Prev][Date Next] [Chronological] [Thread] [Top]

LDAP and SASL problem


I'm setting up a new ldap server on ubuntu server 8.04.3 LTS.
man slapd.conf encourages me into using SASL auth for rootdn instead of setting the rootpw parameter in slapd.conf.

So I created a user in sasldb with saslpasswd2. sasldblistusers2 give me
admin@coruscant: userPassword which is what is expected.
But then I see that the password there is in plain text so I don't really get the advantage of using SASL then. So I decide to use saslauthd instead (which in turn will use pam by default).

My problem is that I could not find how to tell openldap to use saslauthd instead of sasldb.

I tried to add a /usr/lib/sasl2/slapd.conf file with this inside (world readable):
pwcheck_method: saslauthd

But it seems that this file is not read. I see that ubuntu created a /etc/ldap/sasl2 directory for me but how could I know if sasl is looking in it? How does sasl know it has to look for a slapd.conf file and not openldap.conf or whatever.conf?

Could someone shed some light on this subject for me?