On Mon, Jul 06, 2009 at 09:36:17PM +0200, Patrick Ben Koetter wrote:
> * Terry L. Inzauro <[email protected]>:
> > What is the recommended and most scalable method for implementing SMTP Auth
> > against OpenLDAP that currently manages all IMAP accounts?
>
> Cyrus SASL ldapdb plugin:
>
> The ldapdb auxprop plugin provides access to credentials stored in an
> OpenLDAP LDAP server. It is the only plugin that implements proxy
> authorization.
>
> Proxy authorization in this context means: The ldapdb plugin must SASL
> authenticate with the OpenLDAP server. The server then decides if the
> ldapdb plugin should be authorized to read the authenticating users
> password.
>
> Once the ldapdb plugin has gone through proxy authorization it may proceed
> and authenticate the submitted credentials.
Is there another plugin which authenticates users by binding to LDAP
*as the user*, and using the success/failure of that to decide whether
a user's password is valid?
This could perhaps also be accomplished via a suitable PAM stack or via
indirect mechanisms such as "rimap" or dovecot auth.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:[email protected]?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
