[SASAG] Linux Mail Server Authentication
Wil Cooley
wcooley at nakedape.cc
Thu Jun 29 12:44:38 PDT 2006
On Thu, 2006-06-29 at 12:08 -0700, Eric wrote:
> As I understand it, one of the main reasons not to use the local account
> is for security reason on the box. I've never used Openldap, but wonder
> if its more or less complicated than mysql.
LDAP is a whole different ballgame. It's great for scale and
distribution, not great for simplicity and ease-of-use. But what Atom
said still applies (assuming Postfix; I think Sendmail also uses Cyrus
SASL):
Postfix -> saslauthd -> PAM -> pam_unix
-> pam_ldap
-> pam_krb5
-> pam_mysql
-> pam_pwdfile (htpasswd-like files)
-> pam-whatever
-> LDAP
-> MySQL
-> GSSAPI
-> shadow
-> sasldb
-> ...
Your choices are legion.
Wil
--
Wil Cooley <wcooley at nakedape.cc>
Naked Ape Consulting, Ltd
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.sasag.org/pipermail/members/attachments/20060629/5229861c/attachment.bin>
More information about the Members
mailing list