[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: newbie question. SASL auth.

To: <lanmot@cwrussia.ru>, <openldap-software@OpenLDAP.org>
Subject: RE: newbie question. SASL auth.
From: "Jose Correia (J)" <CorreiJ@telkom.co.za>
Date: Tue, 27 Aug 2002 11:45:10 +0200
Content-class: urn:content-classes:message
Thread-index: AcJNrhfpJ1DfNzEeSX6D1AKkU1QfUgAACHQA
Thread-topic: newbie question. SASL auth.

In the line:

rootdn          "uid=root,cn=myorg.ru,cn=auth.cn-digest-md5"

you have a . instead of a comma btw cn=auth and cn=digest-md5
plus you have a - instead of a = in cn-digest-md5

Cheers
Jose




-----Original Message-----
From: Ilya Bassine [mailto:lanmot@cwrussia.ru]
Sent: 27 August 2002 11:15
To: openldap-software@OpenLDAP.org
Subject: newbie question. SASL auth.


Hi,

could you please tell me what did I wrong?
Here you are my system:

Slackware-8.1
Berkeley db-4.0.14
sasl-2.1.7
openldap 2.1.14 was compiled with SASL ( --enable-spasswd)

user root has been put into sasldb:
#############################################################
root@myhost:/etc/openldap# saslpasswd2 -c root -n
Password:
Again (for verification):
root@myhost:/etc/openldap# sasldblistusers2
root@myhost: cmusaslsecretOTP
root@myhost:
#############################################################

#############################################################
#/etc/openldap/slapd.conf
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/misc.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
pidfile         /var/ldap/slapd.pid
argsfile        /var/ldap/slapd.args
loglevel -1
backend bdb
backend ldap
database        bdb
sasl-regexp uid=(.*),cn=.*,cn=digest-md5,cn=auth uid=$1,dc=myorg,dc=ru
suffix          "dc=myorg,dc=ru"
rootdn          "uid=root,cn=myorg.ru,cn=auth.cn-digest-md5"
directory       /var/ldap/openldap-data
index   objectClass     eq
access to attr=userPassword
    by self write
    by anonymous auth
    by dn="uid=root,cn=myorg.ru,cn=auth,cn=digest-md5" write
    by * none
access to *
    by self write
    by dn="uid=root,cn=myorg.ru,cn=auth,cn=digest-md5" write
    by * read
#############################################################

when I'm trying to add the ldif file, system gives me an error:
#############################################################
bash-2.05a$ ldapadd -X uid=root,cn=myorg.ru,cn=auth,cn=digest-md5  -W
-f  \ 
~ilya/ldap_test/entry.test

Enter LDAP Password:
SASL/OTP authentication started
ldap_sasl_interactive_bind_s: Insufficient access (50)
additional info: SASL(-14): authorization failure: 
Inappropriate authentication
bash-2.05a$
#############################################################

what did I wrong?

Thank you for your help in advanvce

Ilya

Follow-Ups:
- Re: newbie question. SASL auth.
  - From: Ilya Bassine <lanmot@cwrussia.ru>

Prev by Date: newbie question. SASL auth.
Next by Date: Optimizing database ?
Index(es):
- Chronological
- Thread