Re: SASL DIGEST-MD5 works but PLAIN/LOGIN fails

On 02/08/14 11:45 +0100, Michael Ströder wrote:

I'd like let users authenticate via SASL/PLAIN or SASL/LOGIN so they do not have to deal with full bind-DNs, my client does not have to search the user and to avoid slapo-rwm.

Yes, the connection is protected with TLS. Later it has to work with hashed userPassword values. It should be feasible. Or not?

Your options here are saslauthd or authdaemond, both of which advertise ldap backend support. Or, you can run saslauthd with its pam backend, which could authenticate against an ldap pam module, such as nssov.