Fernando Torrez fernando_torrez@hotmail.com writes:
Hi all
I got work sasl authentication to access ldap server by correcting two things:1.- inserting the proxyuser's userpassword in clear text (userPassord=secret) 2.- fixing the proxyuser's authzTo atributte to authzTo: ldap:///ou=people,dc=plainjoe,dc=org??sub?(objectClass=account) (results at the end of this mail)
As far as it can be seen, there's no need for cyrus-sasl for these matter but my final purpose is to enable Cyrus-sasl with openldap as backend toauthenticate users for cyrus-imapd and postfix services. Any hints would be appreciated.
As you have SASL and proxy user running already check whether there is a libldapdb in /usr/lib/sasl2, if so, all you you have to do is edit a smtpd.conf and imapd.conf and allow postfix and cyrus-imapd to to sasl authentication. Just as an example a /etc/sasl2/smtpd.conf
pwcheck_method: auxprop auxprop_plugin: ldapdb mech_list: PLAIN LOGIN DIGEST-MD5 ldapdb_uri: ldap://localhost ldapdb_id: mailadmin ldapdb_pw: xxxxx ldapdb_mech: DIGEST-MD5 ldapdb_rc: /etc/sasl2/ldaprc ldapdb_starttls: demand
The file /etc/sasl2/ldaprc contains TLS configuration.
-Dieter