Re: SASL Chaos?

[Erich Schubert <erich@debian.org>]

Well, i'm now able to use users i added to /etc/sasldb.
Maybe i'll stick with that (the thing i want this most for was
replication to a secondary server if my ldap directory)

> Then, you probably want to remove some of the sasl module packages from
> your machine: without /etc/sasldb, I think the only SASL types you can
> use are PLAIN and ANONYMOUS, and unless you specify something else with
> ldapsearch -Y <mech>, the client and server will automatically try to
> negotiate the strongest SASL mechanism that both support.

I wasn't able to get these to work with PAM either...
SASL could need some straight forward documentation and examples IMHO
(as could LDAP, lot's of people are having problems AFAIK...)

And - according to some documents i found - you can configure SASL
behaviour for specific apps via files in /usr/lib/sasl/
("strace slapd" shows that it's accessing /usr/lib/sasl/slapd.conf)
- which is in violation of debian policy and FHS, isn't it?

Well, i guess i'll still need to investigate SASL further, i guess i
might want to use it... any hints of helpful documents in the net?

Greetings,
Erich

-- 
        erich@(mucl.de|debian.org)        --        GPG Key ID: 4B3A135C
          Go away or i'll replace you with a very small shell script.
     Mancher findet sein Herz nicht eher, als bis er seinen Kopf verliert.
Mathematik: Das Alphabet, mit dessen Hilfe Gott das Universum beschrieben hat.