[Date Prev][Date Next] [Chronological] [Thread] [Top]

OpenLdap authentication wirh SASL (CRAM-MD5 or DIGEST-MD5)



Hi,


I'm trying to configure OpenLdap with SASL (CRAM-MD5 or DIGEST-MD5)

I've done the following steps :

Adduser in sasldb : saslpasswd -c admin

Executing the command 'sasldblistusers' :

user: admin realm: merlin mech: CRAM-MD5
user: admin realm: merlin mech: DIGEST-MD5
user: admin realm: merlin mech: PLAIN

Checking if OpenLDAP implement correctly the authnentification method
with : ldapsearch -H ldap:///127.0.0.1 -p389 -x -s base -LLL
supportedSASLMechanisms

Result:

dn:
supportedSASLMechanisms: CRAM-MD5
supportedSASLMechanisms: DIGEST-MD5


Adding in my slapd.conf the following lines: 

sasl-host       127.0.0.1
sasl-realm      127.0.0.1

rootdn "uid=admin"

But when I'm testing this configuration by adding a new entry in the
directory, my configuration doesn't seem to be correct :

ldapadd -f rber.ldif -D "cn=admin,dc=arafox,dc=be"  -Y DIGEST-MD5
SASL/DIGEST-MD5 authentication started
Please enter your password: 
ldap_sasl_interactive_bind_s: Unknown error


or 

ldapadd -f rber.ldif -D "cn=admin,dc=arafox,dc=be"               
SASL/CRAM-MD5 authentication started
Please enter your password: 
ldap_sasl_interactive_bind_s: Unknown error
	additional info: no secret in database


Maybe I'm not using the correct options in the ldapadd or there is a
problem between sasl and LDAP ?

Could you please help me ?

Raphaël