[Ltb-changes] [LDAP ToolBox (LTB)] page changed: documentation:general:sasl_delegation

Fri, 26 Aug 2011 07:52:40 -0700 

A page in your DokuWiki was added or changed. Here are the details:

Date        : 2011/08/26 16:52
Browser     : Mozilla/5.0 (X11; Linux i686; rv:6.0) Gecko/20100101 Firefox/6.0
IP-Address  : 213.41.232.151
Hostname    : dslm0.nerim.lyon.linagora.net
Old Revision: 
http://ltb-project.org/wiki/documentation/general/sasl_delegation?rev=1314369980
New Revision: http://ltb-project.org/wiki/documentation/general/sasl_delegation
Edit Summary: 
User        : coudot

@@ -56,9 +56,9 @@
  <code>
  ldapsearch -x -H ldap://ad.example.com -D 
CN=Administrator,CN=Users,DC=example,DC=com -w ADpassword -b 
CN=DomainUsers,DC=example,DC=com
  </code>
  
- === Step 2: configure saslauthd ===
+ ==== Step 2: configure saslauthd ====
  
  First, check the your SASL daemon supports LDAP:
  <code>
  saslauthd -v
@@ -90,8 +90,42 @@
  On RedHat systems, activate saslauthd on startup:
  <code>chkconfig saslauthd on</code>
  </note>
  
+ To finish enter all connection information found at step one:
+ 
+ <code>
+ vi /etc/saslauthd.conf
+ </code>
+ 
+ <file>
+ ldap_servers: ldap://ad.example.com
+ ldap_search_base: CN=DomainUsers,DC=example,DC=com
+ ldap_timeout: 10
+ ldap_filter: sAMAccountName=%U
+ ldap_bind_dn: CN=Administrator,CN=Users,DC=example,DC=com
+ ldap_password: ADpassword
+ ldap_deref: never
+ ldap_restart: yes
+ ldap_scope: sub
+ ldap_use_sasl: no
+ ldap_start_tls: no
+ ldap_version: 3
+ ldap_auth_method: bind
+ </file>
+ 
+ Main parameters are:
+   * ldap_servers: LDAP URI, space separated for redundancy
+   * ldap_bind_dn: DN for connection
+   * ldap_password: Password for connection
+   * ldap_search_base: Search base
+   * ldap_filter: Search filter
+   * ldap_scope: Search scope
+ 
+ In parameters ''ldap_search_base'' and ''ldap_filter'', you can use these 
variables (example for SASL password user@domain):
+   * %u: user@domain
+   * %U: user
+   * %d: domain
  
  ===== Pass-Trough authentication on several LDAP directories =====
  
  



-- 
This mail was generated by DokuWiki at
http://ltb-project.org/wiki/

_______________________________________________
ltb-changes mailing list
[email protected]
http://lists.ltb-project.org/listinfo/ltb-changes

Reply via email to