2016-11-29 18:25 skrev Viktor Dukhovni:
On Nov 29, 2016, at 5:55 AM, Sven Schwedas <sven.schwe...@tao.at>
As long as saslauthd can bind against it like a regular Active
(=LDAP) server, it should work without special configuration inside
But the packets are unlikely to stay behind corporate firewalls, so one
would definitely want to make sure that the traffic is encrypted.
Otherwise, validating cleartext passwords over and unencrypted LDAP
connection is generally unwise.
Indeed - very unwise.
Well, maybe I dare look into this in the future. I've made various web
service talk to LDAP/Active Directory in the past, but never Postfix.
Will have to find documentation on the process.