[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: SASL authentication, user not found
In reply to Howard Chu;
The Cyrus documentation states that the default SASL realm is the FQDN of
the host. This is the value that slapd uses. It appears from your
sasldblistusers output that your realm is not fully qualified. This kind of
mismatch is known to cause the user lookups to fail.
Also, the -X option for ldapsearch is only needed for proxy authorization.
Normally you would just use -U to bind with a specific username.
I've tried setting the realm to LSiaB, I'm now using;
ldapsearch -U 'dn: uid=testuser,cn=LSiaB,cn=DIGEST-MD5,cn=auth' -b
'o=lsiab.lan' '(objectclass=*)'
With the SASL regexp set to (In reply to Tony Earnshaw);
sasl-regexp
"uid=(.*),cn=LSiaB,cn=DIGEST-MD5,cn=auth"
"uid=$1,ou=test,o=lsiab.lan"
# "ldap:///o=lsiab.lan??sub?=uid=$1"
The # is there because I've been trying both with every thing I've changed.
Any other suggestions??