RE: newbie question. SASL auth.
In the line:
rootdn "uid=root,cn=myorg.ru,cn=auth.cn-digest-md5"
you have a . instead of a comma between cn=auth and cn=digest-md5,
plus you have a - instead of a = in cn-digest-md5.
Cheers
Jose
-----Original Message-----
From: Ilya Bassine [mailto:lanmot@cwrussia.ru]
Sent: 27 August 2002 11:15
To: openldap-software@OpenLDAP.org
Subject: newbie question. SASL auth.
Hi,
Could you please tell me what I did wrong?
Here is my system:
Slackware-8.1
Berkeley db-4.0.14
sasl-2.1.7
openldap 2.1.14 was compiled with SASL ( --enable-spasswd)
user root has been put into sasldb:
#############################################################
root@myhost:/etc/openldap# saslpasswd2 -c root -n
Password:
Again (for verification):
root@myhost:/etc/openldap# sasldblistusers2
root@myhost: cmusaslsecretOTP
root@myhost:
#############################################################
#############################################################
#/etc/openldap/slapd.conf
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/misc.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
pidfile /var/ldap/slapd.pid
argsfile /var/ldap/slapd.args
loglevel -1
backend bdb
backend ldap
database bdb
sasl-regexp uid=(.*),cn=.*,cn=digest-md5,cn=auth uid=$1,dc=myorg,dc=ru
suffix "dc=myorg,dc=ru"
rootdn "uid=root,cn=myorg.ru,cn=auth.cn-digest-md5"
directory /var/ldap/openldap-data
index objectClass eq
access to attr=userPassword
by self write
by anonymous auth
by dn="uid=root,cn=myorg.ru,cn=auth,cn=digest-md5" write
by * none
access to *
by self write
by dn="uid=root,cn=myorg.ru,cn=auth,cn=digest-md5" write
by * read
#############################################################
When I try to add the LDIF file, the system gives me an error:
#############################################################
bash-2.05a$ ldapadd -X uid=root,cn=myorg.ru,cn=auth,cn=digest-md5 -W -f \
~ilya/ldap_test/entry.test
Enter LDAP Password:
SASL/OTP authentication started
ldap_sasl_interactive_bind_s: Insufficient access (50)
additional info: SASL(-14): authorization failure: Inappropriate authentication
bash-2.05a$
#############################################################
What did I do wrong?
Thank you for your help in advance
Ilya
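
A small lint for the typo pointed out in the reply, as an added example that is not part of the original thread: it flags a rootdn whose RDN value has another attribute name fused into it, and reports when rootdn differs from the DN used in the `by dn=` ACL clauses. The function names, the heuristic regex and the embedded sample (lines copied from the quoted slapd.conf) are assumptions made for illustration.

```python
import re

# Constructed sample: the DN-bearing lines of the slapd.conf quoted above.
SAMPLE_CONF = '''\
suffix "dc=myorg,dc=ru"
rootdn "uid=root,cn=myorg.ru,cn=auth.cn-digest-md5"
access to attr=userPassword
    by dn="uid=root,cn=myorg.ru,cn=auth,cn=digest-md5" write
access to *
    by dn="uid=root,cn=myorg.ru,cn=auth,cn=digest-md5" write
'''

# Heuristic (assumption): an attribute name glued into a value by '.' or ';'
# and followed by '-', '=' or ':' usually means a mistyped RDN separator.
FUSED = re.compile(r'[.;]\s*(uid|cn|dc|ou|o)\s*[-=:]', re.I)

def normalize(dn):
    """Lower-case and trim each RDN (escaped commas are not handled)."""
    return ','.join(p.strip().lower() for p in dn.split(','))

def extract_dns(conf):
    """Return (rootdn or None, list of ACL 'by dn=' values) from slapd.conf text."""
    root = re.search(r'^\s*rootdn\s+"([^"]+)"', conf, re.M)
    acl = re.findall(r'^\s*by\s+dn(?:\.\w+)?="([^"]+)"', conf, re.M)
    return (root.group(1) if root else None), acl

def lint_rootdn(conf):
    """Return a list of findings about the rootdn directive."""
    rootdn, acl_dns = extract_dns(conf)
    if rootdn is None:
        return ['no rootdn directive found']
    findings = []
    # Syntax alone does not catch the typo: 'cn=auth.cn-digest-md5' is a
    # well-formed RDN, so look for a fused attribute name instead.
    for rdn in rootdn.split(','):
        if FUSED.search(rdn):
            findings.append('fused RDN: ' + rdn.strip())
    # An ACL DN with the same leading RDN but a different tail is a mismatch.
    first = normalize(rootdn).split(',')[0]
    for dn in sorted(set(map(normalize, acl_dns))):
        if dn.split(',')[0] == first and dn != normalize(rootdn):
            findings.append('rootdn differs from ACL dn: ' + dn)
    return findings

if __name__ == '__main__':
    for finding in lint_rootdn(SAMPLE_CONF):
        print(finding)
```

The lint only reports inconsistency between the directives; it does not decide which of the two DNs is the one the server will actually map the SASL identity to.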