Does the trick, thanks much. Saw a ref to it on a previous list message but for the life of me I couldn't find it.
-----Original Message----- From: Roland Gruber [mailto:[email protected]] Sent: Tuesday, February 28, 2017 2:21 PM To: [email protected] Subject: Re: [Lam-public] SASL pass through authentication Hi Andy, can you try to set the password hash to SASL? I think this should do what you need. https://www.ldap-account-manager.org/static/doc/manual/ch04s02.html#idp55604560 Best regards Roland On 28.02.2017 18:01, Andy Thompson wrote: > I've integrated my Kerberos backend database into openLDAP and I'm tossing > around the idea of using SASL pass through auth to our Kerberos domain for > LDAP users. I've got the supporting pieces working and tested but need to > set the userPassword attribute to {SASL}user@REALM to rely on the Kerberos > password and policies for user authentication. > > Is there a straightforward way within LAM to manage that to remove the need > to manually change the LDAP userPassword attributes or worry about them > getting overwritten by an administrative password change? I've got the > Kerberos plugin enabled in LAM so I can manage the Kerberos attributes there. > > > *** This communication may contain privileged and/or confidential > information. It is intended solely for the use of the addressee. If > you are not the intended recipient, you are strictly prohibited from > disclosing, copying, distributing or using any of this information. If > you received this communication in error, please contact the sender > immediately and destroy the material in its entirety, whether > electronic or hard copy. *** > > > ---------------------------------------------------------------------- > -------- Check out the vibrant tech community on one of the world's > most engaging tech sites, SlashDot.org! http://sdm.link/slashdot > _______________________________________________ > Lam-public mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/lam-public > ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Lam-public mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/lam-public
