Hi
We try to migrate from slapd to 389-dirserver.
Authentication is only used by our application login, not for system logon.
We forward our ldap authentication to a central ldap server
saslauthd:
ldap_servers
ldap_bind_dn: cn=binduser,ou=emea,o=services
ldap_bind_pw: secret
ldap_search_base: o=auth
ldap_timeout: 3
ldap_time_limit: 10
ldap_filter: (&(objectClass=inetOrgPerson)(uid=%u))
sasl2/slapd:
mech_list: plain
pwcheck_method: saslauthd
saslauthd_path: /run/sasl2/mux
and sysconfig/saslauthd
SASLAUTHD_AUTHMECH=ldap
And a simple user attribute: userpassword: {SASL}johndoe
It would be great it saslauthd is supported in 389-DS, but I fear it isn't.
I wonder how to configure 389-ds to use this simple LDAP auth
forwarding. I could not find anything about this in the docs (or I'm too
dumb..). I tried sssd but no luck yet, reconfiguration of PAM is not
allowed....
It would be grateful to get a working example ( like the one above)
Thanx