
authentication



 
i have openldap 2.0.7 and sasl 1.5.24 installed with support for PLAIN, CRAM-MD5.
 
i have SASL tested with the sample-server and sample-client and it works fine for PLAIN and CRAM-MD5 with the /etc/sasldb.
 
now i would like to authenticate ldap users against the information stored in the SASL-db.
 
following information is within /etc/sasldb:
user: manfred realm: workx-server mech: CRAM-MD5
user: manfred realm: workx-server mech: PLAIN
 
(this is the user, for whom i tested the SASL-sample programs)
 
in slapd.conf i have following rootdn as mentioned by the documentation:
rootdn    "uid=manfred@workx-server"
suffix    "dc=workx-server"
 
now i would like to add entries to ldap with following command:
ldapadd -f /etc/openldap/ldif/company.ldif -I -Y PLAIN
 
i get the following error:
ldap_sasl_interactive_bind_s: Unknown error
 
when i try:
ldapadd -f /etc/openldap/ldif/company.ldif -I -Y CRAM-MD5
 
i get:
ldap_sasl_interactive_bind_s: Unknown error
    additional info: no secret in database
 
can anyone tell me what is wrong with this? i'm trying it now for one week and searched the list-archive (search does always return nothing?) and i don't know any further, so please give me some hints.
 
i used the same information as with the SASL-sample programs. also i tried to leave the authorization-id blank. the slapd runs with the privileges of root and has read/write access to /etc/sasldb.
maybe anyone can tell me what information to type in when starting the interactive sasl-bind?
 
thanks for any!!
 
 
ps: i have also tried to authenticate against /etc/shadow, but i always get:
rootdn    "uid=manfred,dc=workx-server"
ldap_sasl_interactive_bind_s: invalid credentials
(i have this configured with a slapd.conf file under /usr/lib/sasl and configured it like mentioned in the SASL administrator guide.)
maybe someone can help me with this?
 
thanks a lot.