[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: sasl issue - but I don't want sasl atm



2009/4/1 Da Rock <rock_on_the_web@comcen.com.au>:
> On Wed, 2009-04-01 at 01:48 +0200, Michael Ströder wrote:
>> Da Rock wrote:
>> > so I'm trying to
>> > work out how to setup the system to do a simple bind
>>
>> ldapsearch -x -D <bind-DN>
>
> I know that, thanks, but this is affecting other apps from obtaining
> data from the system. I can also just go ldapsearch -x for anonymous. It
> appears I'm all in or bust! Unless I can set it up so apps can do simple
> bind...


Configuring SASL isn't that hard.

authz-regexp
    uid=([^,]*),cn=[^,]*,cn=auth
    uid=$1,ou=users,dc=domain,dc=tld

(change the line uid=$1... to match your setup)

Store passwords in PLAINTEXT and protect userPassword with proper ACLs
(something you should do anyways)


HTH,
Norberto