On Tue, 2008-01-08 at 21:06 +0100, Pierangelo Masarati wrote:
Stefan Palme wrote:
Now I have some LDAP client applications that only support simple authentication, but no SASL authentication. So I am looking for a way to "map" simple authentication to SASL authentication, e.g. when a user uses simple auth with DN "cn=user1,ou=users,dc=domain,dc=com" this mechanism should authenticate this user via SASL using username "user1" and the provided password.
Is this possible?
The only way I see, apart from writing a custom layer (an overlay) to slapd, consists in populating the database with the users' entries, and set their userPassword to "{SASL}<saslname>" and configure slapd's SASL to auth them accordingly.
Thanks for this hint - until now I did not know the "password format" {SASL}. Will give it a try, because automatically creating a dummy LDAP entry for each existing user from my external database should be possible.
Regards -stefan-