Re: ldap auth or sasldb auth

Tue, 26 Feb 2002 09:54:40 -0800 

Hi

Dave C schrieb:

> All,
>
> I am wondering if I have this process right, I want to
> use LDAP with cyrus so do I store everythign in ldap
> or just all the user information and the password is
> stored in /etc/sasldb? if so then i'd assume the
> pwcheck_method: sasldd. I am ok with either storing
> everything in ldap or just storing the user info, I
> just want to be sure to do it properly, also in
> several documents i've noticed the tls setup in
> imapd.conf, another in the postfix/main.cf and another
> in the slapd.conf what is the proper place to put the
> tls certfile information?
>
> as it stands now my imapd.conf looks like:
>
> configdirectory: /var/imap
> partition-default: /var/spool/imap
> admins: cyrus root
> allowanonymouslogin: no
> sasl_pwcheck_method: ldap
> sasl_ldap_basedn: dc=temperagen,dc=com
> sasl_ldap_search_base: dc=temperagen,dc=com
> sasl_ldap_server_host: localhost
> sasl_ldap_server_port: 389
> sasl_ldap_query_filter: (mailacceptinggeneralid=%s)
> sasl_ldap_result_attribute: mailacceptinggeneralid
> tls_ca_path: /usr/share/ssl/certs
> tls_ca_file: /usr/share/ssl/certs/eragen.crt
> tls_key_file: /usr/share/ssl/certs/eragen.key
> tls_cert_file: /usr/share/ssl/certs/eragen.crt

Location of certfiles depend on the kind of OS. For RedHat Linux your
path is okay as I think it is according to the current FHS.

>
>
> the slapd.conf looks like:
>
> include         /etc/openldap/schema/core.schema
> include         /etc/openldap/schema/myPostfix.schema
> include         /etc/openldap/schema/misc.schema
> pidfile         /var/run/slapd.pid
> argsfile        /var/run/slapd.args
> database        ldbm
> suffix          "dc=temperagen,dc=com"
> rootdn          "cn=Manager,dc=temperagen,dc=com"
> rootpw          XXXXXXXXXXXX
> directory       /var/lib/ldap
> index           objectClass     eq
> #
> #TLSCertificateFile      /etc/openldap/eragen.crt
> #TLSCertificateKeyFile   /etc/openldap/eragen.key
> #TLSCACertificateFile    /etc/openldap/eragen.crt
> #TLSCipherSuite DES-CBC3-SHA
>
> any help is appreciated
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! Sports - Coverage of the 2002 Olympic Games
> http://sports.yahoo.com

Reply via email to