[Date Prev][Date Next] [Chronological] [Thread] [Top]

in-storage problem

To: openldap-software <openldap-software@OpenLDAP.org>
Subject: in-storage problem
From: thierryW <thierryw@libertysurf.fr>
Date: Mon, 05 Aug 2002 13:36:44 +0200
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0rc1) Gecko/20020417

Please,
Cyrus 2.1.6, openldap-2.1.3, openssl-0.9e

my ldif entry :
dn: uid=wheel,ou=Admins,o=Mairie,dc=intranet,dc=fr
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: wheel
sn: wheel
uid: wheel
userPassword: "mypass"

slapd.conf regex:
saslRegexp
            uid=(.*),cn=intranet.fr,cn=DIGEST-MD5,cn=auth
            uid=$1,ou=admins,o=mairie,dc=intranet,dc=fr

test: ldapsearch -H "ldap://openmail.intranet.fr"; -D "uid=wheel,ou=admins,o=mairie,dc=intranet,dc=fr" -b 'dc=intranet,dc=fr' -X "u:wheel" -U "wheel"

result: ==> sasl_bind: dn="uid=wheel,ou=admins,o=mairie,dc=intranet,dc=fr" mech=<continuing> datalen=281 SASL [conn=0] Debug: DIGEST-MD5 server step 2 SASL Canonicalize [conn=0]: authcid="wheel" slap_sasl_getdn: id=wheel getdn: u:id converted to uid=wheel,cn=intranet.fr,cn=DIGEST-MD5,cn=auth >>> dnNormalize: <uid=wheel,cn=intranet.fr,cn=DIGEST-MD5,cn=auth> <<< dnNormalize: <uid=wheel,cn=intranet.fr,cn=digest-md5,cn=auth> ==>slap_sasl2dn: converting SASL name uid=wheel,cn=intranet.fr,cn=digest-md5,cn=auth to a DN slap_sasl_regexp: converting SASL name uid=wheel,cn=intranet.fr,cn=digest-md5,cn=auth slap_sasl_regexp: converted SASL name to ldap:///uid=wheel,ou=admins,o=mairie,dc=intranet,dc=fr??base? <==slap_sasl2dn: Converted SASL name to uid=wheel,ou=admins,o=mairie,dc=intranet,dc=fr getdn: dn:id converted to uid=wheel,ou=admins,o=mairie,dc=intranet,dc=fr SASL Canonicalize [conn=0]: authcDN="uid=wheel,ou=admins,o=mairie,dc=intranet,dc=fr" => bdb_attribute: gr dn: "uid=wheel,ou=admins,o=mairie,dc=intranet,dc=fr" => bdb_attribute: at: "userPassword" => bdb_attribute: tr dn: "" bdb_dn2entry_rw("uid=wheel,ou=admins,o=mairie,dc=intranet,dc=fr") => bdb_dn2id( "uid=wheel,ou=admins,o=mairie,dc=intranet,dc=fr" ) <= bdb_dn2id: got id=0x00000027 entry_decode: "uid=wheel,ou=Admins,o=Mairie,dc=intranet,dc=fr" <= entry_decode(uid=wheel,ou=Admins,o=Mairie,dc=intranet,dc=fr) => bdb_attribute: found entry: "uid=wheel,ou=admins,o=mairie,dc=intranet,dc=fr" ====> bdb_cache_return_entry_r( 39 ): created (0) bdb_attribute: rc=0 nvals=1 slap_auxprop: str2ad(cmusaslsecretDIGEST-MD5): attribute type undefined => bdb_attribute: gr dn: "uid=wheel,ou=admins,o=mairie,dc=intranet,dc=fr" => bdb_attribute: at: "CMUSASLSECRETDIGEST-MD5" => bdb_attribute: tr dn: "" bdb_dn2entry_rw("uid=wheel,ou=admins,o=mairie,dc=intranet,dc=fr") => bdb_dn2id( "uid=wheel,ou=admins,o=mairie,dc=intranet,dc=fr" ) ====> bdb_cache_find_entry_dn2id("uid=wheel,ou=admins,o=mairie,dc=intranet,dc=fr"): 39 (1 tries) ====> bdb_cache_find_entry_id( 39 ) "uid=wheel,ou=Admins,o=Mairie,dc=intranet,dc=fr" (found) (1 tries) => bdb_attribute: found entry: "uid=wheel,ou=admins,o=mairie,dc=intranet,dc=fr" <= bdb_attribute: failed to find CMUSASLSECRETDIGEST-MD5 ====> bdb_cache_return_entry_r( 39 ): returned (0) bdb_attribute: rc=16 nvals=0 SASL Canonicalize [conn=0]: authzid="u:wheel" slap_sasl_getdn: id=u:wheel getdn: u:id converted to uid=wheel,cn=intranet.fr,cn=DIGEST-MD5,cn=auth >>> dnNormalize: <uid=wheel,cn=intranet.fr,cn=DIGEST-MD5,cn=auth> <<< dnNormalize: <uid=wheel,cn=intranet.fr,cn=digest-md5,cn=auth> ==>slap_sasl2dn: converting SASL name uid=wheel,cn=intranet.fr,cn=digest-md5,cn=auth to a DN slap_sasl_regexp: converting SASL name uid=wheel,cn=intranet.fr,cn=digest-md5,cn=auth slap_sasl_regexp: converted SASL name to ldap:///uid=wheel,ou=admins,o=mairie,dc=intranet,dc=fr??base? <==slap_sasl2dn: Converted SASL name to uid=wheel,ou=admins,o=mairie,dc=intranet,dc=fr getdn: dn:id converted to uid=wheel,ou=admins,o=mairie,dc=intranet,dc=fr SASL Canonicalize [conn=0]: authzDN="uid=wheel,ou=admins,o=mairie,dc=intranet,dc=fr" SASL [conn=0] Failure: client response doesn't match what we generated daemon: select: listen=6 active_threads=1 tvp=zero daemon: select: listen=7 active_threads=1 tvp=zero daemon: select timeout - yielding send_ldap_result: conn=0 op=2 p=3 send_ldap_result: err=49 matched="" text="SASL(-13): authentication failure: client response doesn't match what we generated" send_ldap_response: msgid=3 tag=97 err=49 ber_flush: 96 bytes to sd 13

i' m not understand, slapd_auxprop seems to mapping username but failed to retrieve userPassword and look for sasl attribute instead : slap_auxprop: str2ad(cmusaslsecretDIGEST-MD5): attribute type undefined

Slapd have is own sasl_plug for in-storage password so I normally not have to compile sasl with saslauthd ? Experimental sasl_auxprop plugin for ldap is for use with saslauthd but slapd_sasl_auxprop is an internal openldap plugin, isn't it ?

Prev by Date: Re: OpenLDAPaci question
Next by Date: Re: Again problems with slurpd
Index(es):
- Chronological
- Thread