Due to the amount of interest I have decided to put this information on the web at http://hbeatty.mystarband.net. Please give me a week or so to get it complete.
Thanks, Hank ----- Original Message ----- From: "David H. Lynch Jr." <[EMAIL PROTECTED]> To: "'Hank Beatty'" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Thursday, November 07, 2002 6:39 PM Subject: RE: SASL Docs > While I still hope to get something else working - > > In my perfect world I would have kerberos working between the > systems (right now I have working krb5.conf, and a keytab, and I can > kinit against the W2K KDC, but saslauthd/pam_krb5, saslauthd/kerberos5 > and GSSAPI all are unhappy) > of course in my dreams either MIT or Heimdal kerberos knows how > to work as the kdc for W2K, and maybe openldap knows how to replace M$'s > LDAP, .... In fact while I am dreaming AutoCAD runs under Linux and W2K > can go to @#$?. > > In a less perfect world (or maybe not) I would have either > saslauthd/pam_smbpass or saslauthd/pam_winbind working. > I am working on that right now, with marginal success. > > But I could give up soon and then I would settle for anything > that did not require me to maintain multiple user lists all over the > place. Anyway, yes I would greatly appreciate whatever information you > can share on authenticating against a W2K AD. This is probably the only > thing stopping me from killing off exchange. Exchange has died for me > almost every xmas holiday for the past 4 or 5 years, requiring massive > amounts of effort to recover and just generally ruining my holiday. My > goal is to kill it off before it kills me. > > > > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:owner-info-cyrus@;lists.andrew.cmu.edu] On Behalf Of Hank Beatty > Sent: Thursday, November 07, 2002 2:26 PM > To: [EMAIL PROTECTED] > Subject: Re: SASL Docs > > > David, > > I have a setup where I have Cyrus is using saslauthd. Saslauthd is setup > to use PAM. Pam is using PAM_LDAP and PAM_LDAP is authenticating against > a MS AD domain controller. > > That was probably the long way around, but it made sense at the time. > > If you (or anyone else) is interested in how I did this let me know. > >