Re: Information about SASL and LDAP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 30/11/11 04:58 -0600, Dan White wrote:
On 30/11/11 11:16 +0100, Christian Roessner wrote:
Hello,

I had some email contact with Patrick-Ben Koetter and we both tried to
figure out some SASL configuration. We came to a point, where he gave me
this mailing list address and told me, I could meet Dan White here.

To speak for myself: I have the following situation:

A running Postfix server with cyrus sasl (module ldapdb). The ldapdb
connects to my LDAP server, which has passwords in cleartext in the
userPassword attribute. This is a working setup, but sure you guess, I do
not really like cleartext passwords in the database.

Yet we could not find out, if it is possible to create LDAP schema
attrbutes like:

cmusaslsecretCRAM-MD5
cmusaslsecretDIGEST-MD5 and
cmusaslsecretNTLM

I am not sure. I have not ever used those attributes, and assumed that they
were used in cyrus sasl version 1.

That isn't correct. After taking a closer look, those attributes appear to
have been added some time around the 2.1.3 release.

This draft provides some additional details as to what they are used for:

http://tools.ietf.org/html/draft-melnikov-sasl-auxprop-attrs-00

Perhaps Alexey could provide some background on their usage.

--
Dan White


[Index of Archives]     [Info Cyrus]     [Squirrel Mail]     [Linux Media]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux