Amos Gouaux writes:
>
>>>>>> On Fri, 11 May 2001 10:07:49 -0500 (CDT),
>>>>>> mills <[EMAIL PROTECTED]> (m) writes:
>
>m> I notice also that a main feature of SASL is that it engages in a
>m> dialogue with the client. PAM also does this through its conversation
>m> function. Could SASL be made into a PAM module? Is PAM adequate for
>m> this purpose?
>
>based on the reading i've done, i believe, like it or not (for
>some?), this is precisely what PAM is for. here we use a PAM module
>on our solaris and linux boxes to control who can login by looking
>for an attribute in an ldap tree. the 'account' facility in PAM is
>precisely for what it sounds like you want to do.....
You don't use sasldb with CRAM-MD5 passwords, then? The problem
with SASL is that it only uses PAM for Unix-style passwords.
There is no account management facility in sasldb, or in SASL
for that matter, other than what's available through PAM.
We want to use CRAM-MD5 passwords, and that's why I'm looking
for a place in SASL to add account management.
--
-Gary Mills- -Unix Support- -U of M Academic Computing and Networking-
