[Date Prev][Date Next] [Chronological] [Thread] [Top]

How to use pam_ldap for auth instead of sasl-lib

Hi all,
i have a problem with LDAP 2.0.11. The server is 2.0.11 as i said, and i got
it from openldap.org (Compiled and configured with defaultvalues).
Furhermore I'm using cyrus-sasl (Vers. 1.5.24) compiled with the default
The clients use pam_ldap  (Vers. 105.31) and nss_ldap (Vers. 150.15). My
database is dbb (berkeley) and i can contact my server with the
ldaputilcalls like ldapsearch and the results are ok. 
So where is the problem You might ask. 
I wanna use LDAP for authentication using the pam libraries instead of this
sasl stuff. 
With such utilcalls (decribed above) I can specify the the option -x where I
can deactivate this croppy sasl bind mechanism. Without the -x option the
message: 'ldap_sasl_interactive_bind_s: No such attribute' appears. 
Now I'm searching for a mechanism to deactivate this sasl stuff and
activating the pam authentication instead. I've found some documentation
about sasl, where is mentioned that one has to use the (sasl_)pwcheck_method
to pam instead of the default which is sasl. But nobody tells where this has
to be. Perhaps only on the server or on server and client? And in what files
do i have to make this entry? Do I have to build the sasl libs only without
the plain method or what mechanism is to use. 

Does anyone of the LDAP communiy have had the same problems? I would
appreciate any help i can get. 

Norbert Pieroth
E-Mail: pieroth.n@zdf.de