From: Ken Murchison (no email)
Date: Wed Aug 08 2001 - 10:34:34 EDT
David Wright wrote:
>
> Please educate me, I do not understand.
>
> > Please use pwcheck. Your problems will go away.
>
> The pwcheck distributed with cyrus-sasl is not useful to me. My users
> are not in /etc/passwd -- they are ONLY in an LDAP database. Even a
> pwcheck daemon that uses LDAP is only useful to me <if> it does LDAP-SSL
> -- I need password traffic encyrpted over the network. pam_ldap does
> this nicely, so any pwcheck daemon that did all this would basically be
> re-implementing the functionality of pam_ldap. Can you kindly point me
> to a pwcheck daemon that just calls PAM?
Grab SASL v1.5.27 from ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/BETA/ (or
better yet grab the latest CVS) and use saslauthd. Use your pam_ldap
module until you're blue in the face, and because it is a separate
process you *shouldn't* have any reentry problems. saslauthd is
supposedly the replacement for pwcheck and will be mandatory in SASL v2.
Ken
-- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
|
|
|