--- /dev/null
+#Currently configurable parameters:
+#- srvtab (for KERBEROS_V4): [/etc/srvtab] path
+# where to find the srvtab
+#
+#- pwcheck_method: [PAM] one of {PAM, kerberos_v4, passwd, shadow, sasldb}
+# how to check plaintext passwords.
+#
+#- auto_transition: [false]
+# if true, automatically add secrets to the secret database when
+# PLAIN or check_password is used, so in the future the user can
+# use the more secure mechanisms.
+#
+#*** For a more detailed guide on configuring SASL, please look at
+#doc/sysadmin.html.
+#
+#pwcheck_method: sasldb
+pwcheck_method: PAM
+auto_transition: true