* Dieter Kluenter <[email protected]>: > Gildas Bayard <[email protected]> writes: > > > Hello, > > > > I'm setting up a new ldap server on ubuntu server 8.04.3 LTS. > > man slapd.conf encourages me into using SASL auth for rootdn instead > > of setting the rootpw parameter in slapd.conf. > > > > So I created a user in sasldb with saslpasswd2. sasldblistusers2 give me > > ad...@coruscant: userPassword which is what is expected. > > But then I see that the password there is in plain text so I don't > > really get the advantage of using SASL then. So I decide to use > > saslauthd instead (which in turn will use pam by default). > > Why do you want to use saslauthd and sasldb to authenticate rootdn > against slapd? And why do you complain about plaintext passwords in > sasldb? How else could you response to a challenge based on a shared > secret? > > > My problem is that I could not find how to tell openldap to use > > saslauthd instead of sasldb. > [...] > > Because in most cases a ldap server maintains its own user database > and password storage. Basics on how to implement SASL you can find in > the Admin Guide > http://www.openldap.org/doc/admin24/sasl.htm
I pretty much gave Gildas the same answer on the Cyrus SASL mailing list ... p...@rick -- state of mind Digitale Kommunikation http://www.state-of-mind.de Franziskanerstraße 15 Telefon +49 89 3090 4664 81669 München Telefax +49 89 3090 4666 Amtsgericht München Partnerschaftsregister PR 563
