alex@xxxxxxxxxxxxxxx wrote:
I don't have Fedora Directory Server installed (yet). However, there's one
feature from OpenLDAP that is must-have before even attempting to play with
FDS.
In OpenLDAP, if I use string like "{SASL}username@REALM" as a value for
userPassword attribute, and have "pwcheck_method: saslauthd" in
/usr/lib/sasl2/slapd.conf, then OpenLDAP will use saslauthd to authenticate the
user (passing it "username@REALM" and whatever password user supplied). I've
read that FDS supports SASL, but does it support this feautre too?
Nope.
Is this a currently supported OpenLDAP feature ?
I ask because I vaguely remember some feature like
this being dropped on the basis that it was a stop-gap
until real SASL support was implemented. But I may
well be thinking of some similar but different feature.
FDS does support SASL but I think you'd need to
do some extra work to get it to work with the saslauthd
plugin. GSSAPI and EXTERNAL are the only two
'officially' supported SASL mechanisms.
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
