lo, On Saturday 21 May 2005 11:32, Chris S wrote: > any ideas? > > -c > > Chris S wrote: > > Hi all, > > > > Quick (hopefully) question: > > If I'm setting up a server to authenticate everything via ldap, do I > > need sasl?
You don't NEED sasl for ldap related authentication at all. The issue is more that a lot of things, eg cyrus / postfix can use sasl layers to talk to ldap, eg cyrus-sasl provides saslauthd which is how cyrus would talk to your ldap server for authentication / authorization information. This is also true of ldap clients that can also use sasl to auth to the ldap server using mechs like cram / digest. > > I thought sasl, apart from being a security layer, was another db to > > hold users? you are talking about sasldb which is indeed a db of users, but normally these days more used for generating session stuff like cram / digest keys. > > So if my users are in ldap, why would I need sasl also? > > > > Unless it's needed for secure authentication within ldap itself? ssl? its not _needed_ but it can be useful. It just depends on your security model. b -- Benjamin Smee (strerror) 497F 5E98 1FA0 C313 EA0B 08C7 004A 66ED 448B E78C
pgpueeJUYFflg.pgp
Description: PGP signature
