[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [Fedora-directory-users] support for non-localy stored passwords?

From: David Boreham <david_list boreham org>
To: "General discussion list for the Fedora Directory server project." <fedora-directory-users redhat com>
Subject: Re: [Fedora-directory-users] support for non-localy stored passwords?
Date: Tue, 28 Jun 2005 14:04:12 -0700

alex milivojevic org wrote:

I don't have Fedora Directory Server installed (yet).  However, there's one
feature from OpenLDAP that is must-have before even attempting to play with
FDS.
In OpenLDAP, if I use string like "{SASL}username REALM" as a value for userPassword attribute, and have "pwcheck_method: saslauthd" in /usr/lib/sasl2/slapd.conf, then OpenLDAP will use saslauthd to authenticate the user (passing it "username REALM" and whatever password user supplied). I've read that FDS supports SASL, but does it support this feautre too?

Nope.

Is this a currently supported OpenLDAP feature ?
I ask because I vaguely remember some feature like
this being dropped on the basis that it was a stop-gap
until real SASL support was implemented. But I may
well be thinking of some similar but different feature.

FDS does support SASL but I think you'd need to
do some extra work to get it to work with the saslauthd
plugin. GSSAPI and EXTERNAL are the only two
'officially' supported SASL mechanisms.

Follow-Ups:
- Re: [Fedora-directory-users] support for non-localy stored passwords?
  - From: Rich Megginson
- Re: [Fedora-directory-users] support for non-localy stored passwords?
  - From: alex

References:
- [Fedora-directory-users] support for non-localy stored passwords?
  - From: alex

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]