9 Jul
2003
9 Jul
'03
7:49 p.m.
--On 09 July 2003 18:28 +0300 Timo Sirainen <tss@iki.fi> wrote:
On Tue, 2003-07-08 at 21:53, Jared wrote:
Is there any intention to support "authentication binds" so you don't have to bind as a user with read privileges to everyone's userPassword attribute? For security purposes I'd like to see this functionality.
I probably have to add support for this some day, but it's kind of annoying to implement if I want to do it well. I should use non-blocking LDAP connect calls, but last time I tried it got pretty ugly and I gave up.
If people really need this now, SASL might be the answer (either via PAM or mailfront) since saslauthd/auth_ldap allows authentication binds.