Jittinan Suwanrueangsri jittinan2@gmail.com writes:
Hi
I have seen configuration which sasl get password from sasldb .I must run saslpasswd2 to create user and password for authentication but Is it possible to configure openldap and sasl verify authentication by getting password from openldap self like it happen in simple binding(userPassword attribute).How can I do it?
There is nothing special to do. ldapsearch -Y DIGEST-MD5 -U foo -w secret -H ldap://myhost -b dc=example,dc=com ... All you have to do is to set the userPassword value as plaintext, otherwise the challenge cannot be created. If you want to parse the sasl authentication string to a DN, than you have to define a authz-regexp in in slapd.conf(5) and the user has to have a uid attribute.
-Dieter