[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
LDAP + SASL + PAM or SASL TROUBLE
Hello, I'm trying to implement (Unix) user authentication in a small network
at work using ldap and pam_ldap, I've almost done it but I get this
error when testing the ldap server:
root@dep3$ ldapsearch -U root
SASL/LOGIN authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Out of memory
but:
root@dep3$ free /home/jsf/packages/MigrationTools-38
total used free shared buffers cached
Mem: 256960 239088 17872 68352 64992 65084
-/+ buffers/cache: 109012 147948
Swap: 265024 3672 261352
My sasl slap.conf file:
# Currently configurable parameters:
# - srvtab (for KERBEROS_V4): [/etc/srvtab] path
# where to find the srvtab
#
# - pwcheck_method: [PAM] one of {PAM, kerberos_v4, passwd, shadow, sasldb}
# how to check plaintext passwords.
#
# - auto_transition: [false]
# if true, automatically add secrets to the secret database when
# PLAIN or check_password is used, so in the future the user can
# use the more secure mechanisms.
#
# *** For a more detailed guide on configuring SASL, please look at
# doc/sysadmin.html.
#
# Rename to /usr/lib/sasl/slapd.conf to use
#
#pwcheck_method: sasldb
pwcheck_method: PAM
#pwcheck_method: shadow
#auto_transition: true #no estaba comentado originalmente
And my pam.d/ldap file:
#%PAM-1.0
# is used by openldap slpad with SASL configured with pwcheck_method: PAM
#
auth required pam_unix.so
account required pam_unix.so
password required pam_unix.so
session required pam_unix.so
What do you think the problem is, also, does anyone has a good
reference for implementing this? The HOWTO in linuxdoc is _very_ out
of date.
TIA
jorge santos
P.S. I'm using all packages from Debian Woody, which means:
libsasl7 1.5.24-6.1
libpam-ldap 118-1
slapd 2.0.11-2
libldap2 2.0.11-2
ldap-utils 2.0.11-2