Roberto C. Sanchez wrote:
On Tue, Jan 30, 2007 at 05:04:48PM +0000, Rakotomandimby Mihamina wrote:
Hi,
I am using Testing, and I want to setup the debian way an LDAP + pam
authentication system for system users.
Would you know a recent howto talking about that?
I dont need generic howto, I am interested in the debian specific way.
Do you need to configure just the client, just the server, or both?
Regards,
-Roberto
Hmmm.... maybe if I reply with something helpful I can also
piggy-back a question of my own? }:)
I was messing around with exactly the same thing a while ago,
and this was the best How-To I found. It is for Sarge, but that
didn't seem to matter. As much as I sing the praises of this
one, it wasn't perfect. I seem to recall using several How-To's
because none of them seemed to have all the answers.
http://www.moduli.net/pages/sarge-ldap-auth-howto
Now here's my question:
I never could figure out the #### SASL stuff. I didn't even get
the concept. I thought I did several times, then I'd read
something else and it wouldn't make sense again. So let's try
this slowly.... =)
The LDAP client usually just sends all data (passwords
included!) in the clear to the LDAP server. This is bad. SASL
encrypts all the communication between the client and server.
Okay, now if I've at least got that much right....
1) How do I make the client and server use SASL? I was forever
at a loss on this. Never could find a How-To for it or
anything. (Every How-To I found on LDAP started off with
something to the effect of "SASL is beyond the scope of this
document" =P )
2) Once I've enabled SASL (enabled? Is that even the right
term?) how can I see if it's working?
Thanks, and I hope I'm not developing an irritating habit of
thread hi-jacking, =)
- GM
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.432 / Virus Database: 268.17.28/672 - Release Date: 2/6/2007 10:22
AM
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
