Roberto C. Sanchez wrote:
On Sun, Oct 15, 2006 at 04:09:32PM -0400, Roberto C. Sanchez wrote:Greetings fellow Debian users and developers, The Debian Cyrus SASL Team is working at a breakneck pace to try and get the new upstream version ready in time for Etch. For that to happen, we
[*snip*]
Unfortunately, LDAP support is still disabled, but we are working on that issue.
[*snip*]Wait... I have an LDAP directory setup against which I'm authenticating for Linux accounts (and in the future mail and whatnot).* I'm trying to add SASL to the mix now. Does this mean that I won't be able to do that with any Debian packages? I'm using Sarge at the moment, but want to do this on Etch too.
And this is a little off topic, but if someone could help me out, I'd really appreciate it. I don't *really* understand how SASL fits into the picture. I believe that right now my client machines and my LDAP server talk "in the clear" sending passwords and junk in plain text. They do this during authentication when a user logs on, and also when I use LDAP utils such as "ldapsearch -x". SASL encrypts all their communications so that doesn't happen anymore. I have to setup the LDAP server, and every client to use SASL though in order for this to work. Is all that accurate?
* I'm actually going to try using Kerberos for authentication and LDAP just for information storage, but one step at a time. I've never done this before. Saving that for later. =)
Thanks everyone, - GM