On Wed, Apr 18, 2007 at 10:23:51AM +0530, JOYDEEP wrote: > > saslauthd need clear text password for binding procedure. > > But, you can use anonymous binding (for me it's more secure). > thanks for the answer. but I can't understand how anonymous can secure > the system. I have many untrusted hosts with ldap-based authentication. With this reason no difference between anonymous bind and bind under potentialy compromized id. But second case I have to specialy describe in ACL section slapd.conf. Also, I can't see difference for user authentication between initial anonymous and non-anonymous bind. WBR. Dmitriy ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
