"NguyenHuynh" <huynhnguyen@xxxxxxxxxx> writes: > SASL over LDAP > > I’m trying to using SASL over LDAP for authentication but I don’t still work yet > > Details: > > OS: FreeBSD > > Packages: > > cyrus-sasl-2.1.22 RFC 2222 SASL (Simple Authentication and Security Layer) > > cyrus-sasl-ldapdb-2.1.22 SASL LDAPDB auxprop plugin > > cyrus-sasl-saslauthd-2.1.22 SASL authentication server for cyrus-sasl2 > > postfix-current-2.5.20071006,4 A secure alternative to widely-used Sendmail > > Configure SASL in main.cf for postfix: > > ……………….. > > smtpd_sasl_auth_enable = yes > > smtpd_recipient_restrictions = permit_sasl_authenticated, reject_unauth_destination, > permit_mynetworks, reject > > smtpd_sasl_authenticated_header = yes > > ……………….. > > Configure SASL for authentication: > > #vi /usr/local/lib/sasl2/smtpd.conf > > pwcheck_method: saslauthd > > auxprop_plugin: ldap You should either use saslauthd or ldapdb, I prefer ldapdb. This is my smtpd.conf pwcheck_method: auxprop auxprop_plugin: ldapdb ldapdb_uri: ldap://server.meine-firma.de # ldapdb_uri: ldapi://%2Fvar%2Frun%2Fldapi ldapdb_id: mailadmin ldapdb_pw: secret ldapdb_mech: DIGEST-MD5 # ldapdb_starttls: try -Dieter -- Dieter Klünter | Systemberatung http://www.dkluenter.de GPG Key ID:8EF7B6C6
