My main point is to not have the passwd in "plain text" in my slapd.conf. I want to have it encrypted. I thought SASL would provide me with this facility, such that is would look at the /etc/sasldb file for it on the master, then with it, then send that/unencrypted to the slave ldap server for authentication.
Or if this thought of mine is wrong, let me know what I need to do or correct to make it possible.. Thanks, Steven ----- Original Message ---- From: Kurt D. Zeilenga <[EMAIL PROTECTED]> To: Steven Wong <[EMAIL PROTECTED]> Cc: Howard Chu <[EMAIL PROTECTED]>; Aaron Richton <[EMAIL PROTECTED]>; openLDAP software <[email protected]> Sent: Tuesday, August 8, 2006 12:28:33 PM Subject: Re: slurpd -d9 --- Invalid credentials At 11:54 AM 8/8/2006, Steven Wong wrote: > I was wondering if there are any Howto's for LDAP, SSL, with SASL, without > Kerberos. The basic OpenLDAP SASL tutorial is: 1) get Cyrus SASL working first (using their client programs with service set to "ldap" and daemon name set to "slapd"). (use Cyrus SASL mailing list to resolve issues) 2) then apply lessons learned in 1 to getting OpenLDAP working The basic OpenLDAP TLS/SSL tutorial is: 1) get OpenSSL working first (using s_server/s_client) (use OpenSSL list to resolve issues) 2) then apply lessons learned in 1 to getting OpenLDAP working -- Kurt
