Re: newbie question. SASL auth.
On Tuesday 27 August 2002 13:45, Jose Correia (J) wrote:
> In the line:
>
> rootdn "uid=root,cn=myorg.ru,cn=auth.cn-digest-md5"
replaced by:
rootdn "uid=root,cn=myorg.ru,cn=auth,cn=digest-md5"
>
> you have a . instead of a comma btw cn=auth and cn=digest-md5
> plus you have a - instead of a = in cn-digest-md5
>
result is the same
> Cheers
> Jose
>
>
>
>
> -----Original Message-----
> From: Ilya Bassine [mailto:lanmot@cwrussia.ru]
> Sent: 27 August 2002 11:15
> To: openldap-software@OpenLDAP.org
> Subject: newbie question. SASL auth.
>
>
> Hi,
>
> could you please tell me what I did wrong?
> Here is my system:
>
> Slackware-8.1
> Berkeley db-4.0.14
> sasl-2.1.7
> openldap 2.1.14 was compiled with SASL ( --enable-spasswd)
>
> user root has been put into sasldb:
> #############################################################
> root@myhost:/etc/openldap# saslpasswd2 -c root -n
> Password:
> Again (for verification):
> root@myhost:/etc/openldap# sasldblistusers2
> root@myhost: cmusaslsecretOTP
> root@myhost:
> #############################################################
>
> #############################################################
> #/etc/openldap/slapd.conf
> include /etc/openldap/schema/core.schema
> include /etc/openldap/schema/misc.schema
> include /etc/openldap/schema/cosine.schema
> include /etc/openldap/schema/inetorgperson.schema
> pidfile /var/ldap/slapd.pid
> argsfile /var/ldap/slapd.args
> loglevel -1
> backend bdb
> backend ldap
> database bdb
> sasl-regexp uid=(.*),cn=.*,cn=digest-md5,cn=auth uid=$1,dc=myorg,dc=ru
> suffix "dc=myorg,dc=ru"
> rootdn "uid=root,cn=myorg.ru,cn=auth.cn-digest-md5"
> directory /var/ldap/openldap-data
> index objectClass eq
> access to attr=userPassword
> by self write
> by anonymous auth
> by dn="uid=root,cn=myorg.ru,cn=auth,cn=digest-md5" write
> by * none
> access to *
> by self write
> by dn="uid=root,cn=myorg.ru,cn=auth,cn=digest-md5" write
> by * read
> #############################################################
>
> When I try to add the LDIF file, the system gives me an error:
> #############################################################
> bash-2.05a$ ldapadd -X uid=root,cn=myorg.ru,cn=auth,cn=digest-md5 -W -f \
> ~ilya/ldap_test/entry.test
>
> Enter LDAP Password:
> SASL/OTP authentication started
> ldap_sasl_interactive_bind_s: Insufficient access (50)
> additional info: SASL(-14): authorization failure:
> Inappropriate authentication
> bash-2.05a$
> #############################################################
>
> What did I do wrong?
>
> Thank you for your help in advance
>
> Ilya
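
A consistency check for the identity lines of the quoted slapd.conf, as an added example that is not part of the original messages: it rewrites a SASL bind DN with the sasl-regexp rule and reports whether any DN named in rootdn or an ACL equals the result. It assumes SASL bind DNs have the form uid=<user>,cn=<realm>,cn=<mechanism>,cn=auth; the function names and the realm value passed in are illustrative.

```python
import re

# Constructed sample: the identity-related lines of the slapd.conf quoted above,
# plus the rootdn as corrected in the reply.
CONF = """\
sasl-regexp uid=(.*),cn=.*,cn=digest-md5,cn=auth uid=$1,dc=myorg,dc=ru
rootdn "uid=root,cn=myorg.ru,cn=auth.cn-digest-md5"
rootdn "uid=root,cn=myorg.ru,cn=auth,cn=digest-md5"
by dn="uid=root,cn=myorg.ru,cn=auth,cn=digest-md5" write
"""

def sasl_dn(user, realm, mech):
    # Assumption: the DN form slapd builds for a SASL bind.
    return f"uid={user},cn={realm},cn={mech},cn=auth"

def parse(conf):
    """Return the sasl-regexp (pattern, replacement) and the DNs named by rootdn / by dn=."""
    rule, dns = None, []
    for line in conf.splitlines():
        words = line.split()
        if words and words[0] == "sasl-regexp":
            rule = (words[1], words[2])
        dns += re.findall(r'(?:rootdn\s+|\bdn=)"([^"]*)"', line)
    return rule, dns

def map_identity(rule, dn):
    """Apply the sasl-regexp rule to dn; return the rewritten DN, or dn if it does not match."""
    pattern, replacement = rule
    m = re.search(pattern, dn, re.IGNORECASE)  # Python re standing in for slapd's regex
    if not m:
        return dn
    # slapd.conf writes back-references as $1..$9
    return re.sub(r"\$(\d)", lambda g: m.group(int(g.group(1))), replacement)

def norm(dn):
    return ",".join(part.strip().lower() for part in dn.split(","))

def check(conf, user, realm, mech):
    """Return (identity after rewriting, {configured DN: True if it equals that identity})."""
    rule, dns = parse(conf)
    bound = map_identity(rule, sasl_dn(user, realm, mech))
    return bound, {dn: norm(dn) == norm(bound) for dn in dns}

if __name__ == "__main__":
    bound, result = check(CONF, "root", "myorg.ru", "digest-md5")
    print("identity after sasl-regexp:", bound)
    for dn, ok in result.items():
        print("matches" if ok else "never matches", "->", dn)
```

A DN reported as "never matches" grants nothing to that bind: both spellings of the rootdn fall in that category, while a rootdn equal to the rewritten DN would pass the check.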