[389-users] Forward LDAP Auth SASL or SSSD

Hi We try to migrate from slapd to 389-dirserver. Authentication is only used by our application login, not for system logon. We forward our ldap authentication to a central ldap server saslauthd: ldap_servers ldap_bind_dn: cn=binduser,ou=emea,o=services ldap_bind_pw: secret ldap_search_base: o=auth ldap_timeout: 3 ldap_time_limit: 10 ldap_filter: (&(objectClass=inetOrgPerson)(uid=%u)) sasl2/slapd: mech_list: plain pwcheck_method: saslauthd saslauthd_path: /run/sasl2/mux and sysconfig/saslauthd SASLAUTHD_AUTHMECH=ldap And a simple user attribute:     userpassword: {SASL}johndoe It would be great it saslauthd is supported in 389-DS, but I fear it isn't. I wonder how to configure 389-ds to use this simple LDAP auth forwarding. I could not find anything about this in the docs (or I'm too dumb..). I tried sssd but no luck yet, reconfiguration of PAM is not allowed.... It would be grateful to get a working example ( like the one above) Thanx