List Archive: gentoo-server
Note: Due to technical difficulties, the Archives are currently not up to date.
provides an alternative service for most mailing lists.c.f. bug 424647
On Saturday 21 May 2005 11:32, Chris S wrote:
> any ideas?
> Chris S wrote:
> > Hi all,
> > Quick (hopefully) question:
> > If I'm setting up a server to authenticate everything via ldap, do I
> > need sasl?
You don't NEED sasl for ldap related authentication at all. The issue is more
that a lot of things, eg cyrus / postfix can use sasl layers to talk to ldap,
eg cyrus-sasl provides saslauthd which is how cyrus would talk to your ldap
server for authentication / authorization information. This is also true of
ldap clients that can also use sasl to auth to the ldap server using mechs
like cram / digest.
> > I thought sasl, apart from being a security layer, was another db to
> > hold users?
you are talking about sasldb which is indeed a db of users, but normally these
days more used for generating session stuff like cram / digest keys.
> > So if my users are in ldap, why would I need sasl also?
> > Unless it's needed for secure authentication within ldap itself? ssl?
its not _needed_ but it can be useful. It just depends on your security model.
Benjamin Smee (strerror)
497F 5E98 1FA0 C313 EA0B 08C7 004A 66ED 448B E78C