[Date Prev][Date Next] [Chronological] [Thread] [Top]

OpenLdap authentication wirh SASL (CRAM-MD5 or DIGEST-MD5)

To: openldap-software ML <openldap-software@OpenLDAP.org>
Subject: OpenLdap authentication wirh SASL (CRAM-MD5 or DIGEST-MD5)
From: Raphaël Berghmans <rberghmans@arafox.com>
Date: 11 Oct 2002 11:12:02 +0200

Hi,


I'm trying to configure OpenLdap with SASL (CRAM-MD5 or DIGEST-MD5)

I've done the following steps :

Adduser in sasldb : saslpasswd -c admin

Executing the command 'sasldblistusers' :

user: admin realm: merlin mech: CRAM-MD5
user: admin realm: merlin mech: DIGEST-MD5
user: admin realm: merlin mech: PLAIN

Checking if OpenLDAP implement correctly the authnentification method
with : ldapsearch -H ldap:///127.0.0.1 -p389 -x -s base -LLL
supportedSASLMechanisms

Result:

dn:
supportedSASLMechanisms: CRAM-MD5
supportedSASLMechanisms: DIGEST-MD5


Adding in my slapd.conf the following lines: 

sasl-host       127.0.0.1
sasl-realm      127.0.0.1

rootdn "uid=admin"

But when I'm testing this configuration by adding a new entry in the
directory, my configuration doesn't seem to be correct :

ldapadd -f rber.ldif -D "cn=admin,dc=arafox,dc=be"  -Y DIGEST-MD5
SASL/DIGEST-MD5 authentication started
Please enter your password: 
ldap_sasl_interactive_bind_s: Unknown error


or 

ldapadd -f rber.ldif -D "cn=admin,dc=arafox,dc=be"               
SASL/CRAM-MD5 authentication started
Please enter your password: 
ldap_sasl_interactive_bind_s: Unknown error
	additional info: no secret in database


Maybe I'm not using the correct options in the ldapadd or there is a
problem between sasl and LDAP ?

Could you please help me ?

Raphaël

Follow-Ups:
- RE: OpenLdap authentication wirh SASL (CRAM-MD5 or DIGEST-MD5)
  - From: "Howard Chu" <hyc@highlandsun.com>

Prev by Date: Re: How to achieve fail over in ldap servers
Next by Date: advice on security
Index(es):
- Chronological
- Thread