A page in your DokuWiki was added or changed. Here are the details:

Date         : 2011/09/05 11:15
Browser      : Mozilla/5.0 (X11; Linux i686; rv:6.0.1) Gecko/20100101 Firefox/6.0.1
IP-Address   : 213.41.232.151
Hostname     : dslm0.nerim.lyon.linagora.net
Old Revision : http://ltb-project.org/wiki/documentation/general/sasl_delegation?rev=1315213177
New Revision : http://ltb-project.org/wiki/documentation/general/sasl_delegation
Edit Summary :
User         : coudot
@@ -355,4 +355,40 @@ # Example of rwm configuration for Active Directory rwm-map attribute uid sAMAccountName rwm-map attribute * * </file> + + ==== Step 2: reconfigure saslauthd ==== + + Adapt SASL daemon configuration to contact the meta directory: + + <code> + vi /etc/saslauthd.conf + </code> + + <file> + ldap_servers: ldap://127.0.0.1:390/ + ldap_search_base: ou=%d,dc=local + ldap_timeout: 10 + ldap_filter: uid=%U + ldap_bind_dn: cn=Manager,dc=local + ldap_password: secret + ldap_deref: never + ldap_restart: yes + ldap_scope: sub + ldap_use_sasl: no + ldap_start_tls: no + ldap_version: 3 + ldap_auth_method: bind + </file> + + We just change the ldap_search_base parameter to use the domain component (%d) to match to destination backend, trough the meta directory DIT + + Restart saslauthd: + <code> + service saslauthd restart + </code> + + ==== Step 3: be really proud (indeed, you are awesome) ==== + + Do the tests of the first chapter, with different users in LDAP1 and LDAP2, and appropriate users in the main OpenLDAP server. By playing with the SASL password value, you are able to choose the authentication backend for pass-trough authentication. + -- This mail was generated by DokuWiki at http://ltb-project.org/wiki/ _______________________________________________ ltb-changes mailing list [email protected] http://lists.ltb-project.org/listinfo/ltb-changes
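Review bot: In the added /etc/saslauthd.conf block, "ldap_bind_dn: cn=Manager,dc=local" together with "ldap_password: secret" has saslauthd binding to the meta directory with what looks like the manager account and a literal password stored in the file. Since this bind is only used to search under "ldap_search_base: ou=%d,dc=local", the example would be safer with a dedicated account that has read access to that subtree only, plus one sentence telling the reader that the file contains a cleartext bind password and should be readable only by the user saslauthd runs as. The explanation under the block would also benefit from stating where %d gets its value, since Step 3 relies on the reader varying the SASL password value to select a backend but the link between that value and %d is not spelled out. Two wording fixes in the same hunk: "trough" should be "through" in both the ldap_search_base sentence and the Step 3 paragraph ("pass-trough"), and "to match to destination backend" reads better as "to match the destination backend".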
