[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SASL DIGEST-MD5 works but PLAIN/LOGIN fails

To: Michael Ströder <michael@stroeder.com>
Subject: Re: SASL DIGEST-MD5 works but PLAIN/LOGIN fails
From: Dan White <dwhite@olp.net>
Date: Sat, 8 Feb 2014 13:56:08 -0600
Cc: "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Content-disposition: inline
In-reply-to: <52F60AE0.9060401@stroeder.com>
References: <52F60AE0.9060401@stroeder.com>
User-agent: Mutt/1.5.21 (2010-09-15)

On 02/08/14 11:45 +0100, Michael Ströder wrote:

I'd like let users authenticate via SASL/PLAIN or SASL/LOGIN so they do not
have to deal with full bind-DNs, my client does not have to search the user
and to avoid slapo-rwm.

Yes, the connection is protected with TLS.
Later it has to work with hashed userPassword values.
It should be feasible. Or not?


Your options here are saslauthd or authdaemond, both of which advertise
ldap backend support. Or, you can run saslauthd with its pam backend, which
could authenticate against an ldap pam module, such as nssov.

--
Dan White

References:
- SASL DIGEST-MD5 works but PLAIN/LOGIN fails
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: Re: rwm-rewriteMap for bindDN and slapo-ppolicy
Next by Date: Re: SASL DIGEST-MD5 works but PLAIN/LOGIN fails
Index(es):
- Chronological
- Thread