On 30/11/11 04:58 -0600, Dan White wrote:
On 30/11/11 11:16 +0100, Christian Roessner wrote:
Hello,
I had some email contact with Patrick-Ben Koetter and we both tried to
figure out some SASL configuration. We came to a point, where he gave me
this mailing list address and told me, I could meet Dan White here.
To speak for myself: I have the following situation:
A running Postfix server with cyrus sasl (module ldapdb). The ldapdb
connects to my LDAP server, which has passwords in cleartext in the
userPassword attribute. This is a working setup, but sure you guess, I do
not really like cleartext passwords in the database.
Yet we could not find out, if it is possible to create LDAP schema
attrbutes like:
cmusaslsecretCRAM-MD5
cmusaslsecretDIGEST-MD5 and
cmusaslsecretNTLM
I am not sure. I have not ever used those attributes, and assumed that they
were used in cyrus sasl version 1.
That isn't correct. After taking a closer look, those attributes appear to
have been added some time around the 2.1.3 release.
This draft provides some additional details as to what they are used for:
http://tools.ietf.org/html/draft-melnikov-sasl-auxprop-attrs-00
Perhaps Alexey could provide some background on their usage.
--
Dan White
