[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Problems Enabling Authentication using Cyrus SASL

Fernando Torrez <fernando_torrez@hotmail.com> writes:

> Hi all
>     I got work  sasl authentication to access ldap server by correcting two things:
> 1.- inserting the proxyuser's userpassword in clear text  (userPassord=secret)
> 2.- fixing the proxyuser's authzTo atributte to
>      authzTo: ldap:///ou=people,dc=plainjoe,dc=org??sub?(objectClass=account)
>      (results at the end of this mail)
>     As far as it can be seen, there's no need for cyrus-sasl for these matter
>      but my final purpose is to enable Cyrus-sasl with openldap as backend to
> authenticate users for cyrus-imapd and postfix services.
>      Any hints would be appreciated.

As you have SASL and proxy user running already check whether there is
a libldapdb in /usr/lib/sasl2, if so, all you you have to do is edit
a smtpd.conf and imapd.conf and allow postfix and cyrus-imapd to to
sasl authentication. Just as an example a /etc/sasl2/smtpd.conf

pwcheck_method: auxprop
auxprop_plugin: ldapdb
ldapdb_uri: ldap://localhost
ldapdb_id: mailadmin
ldapdb_pw: xxxxx
ldapdb_mech: DIGEST-MD5
ldapdb_rc: /etc/sasl2/ldaprc
ldapdb_starttls: demand

The file /etc/sasl2/ldaprc contains TLS configuration.

Dieter Klünter | Systemberatung
sip: 7770535@sipgate.de