
Problems with SASL and replication



Is there any documentation available on how to configure slapd and
slurpd to do replication using SASL? What is the meaning of authcID,
authzID, et al. in a replication scenario?

I have SASL authentication under replication *mostly* working but I am
at a point where I don't understand the failure. I believe everything
comes down to this on the slave:

=> get_ctrls: oid="2.16.840.1.113730.3.4.2" (critical)
<= get_ctrls: 1 0

The slave's config file looks like this:

updatedn        "cn=Manager,o=Penford Corporation"
#updateref      ldap://granny.bwa.penx.com

security        update_sasl=112
sasl-realm      dco.penx.com

and the SASL database on the slave this:

Elmer# sasldblistusers
user: repl.granny.bwa.penx.com realm: dco.penx.com mech: PLAIN
user: repl.granny.bwa.penx.com realm: dco.penx.com mech: CRAM-MD5
user: repl.granny.bwa.penx.com realm: dco.penx.com mech: DIGEST-MD5

The master config file looks like this:

replogfile      /var/run/openldap-slurp/repl.log
replica host=elmer.dco.penx.com
        binddn="cn=Manager,o=Penford Corporation"
        bindmethod=sasl
        saslmech=DIGEST-MD5
        authcID="repl.granny.bwa.penx.com"
        realm=dco.penx.com
        credentials="*****"