[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: kpasswd



On Fri, 17 Oct 2003 at 5:53pm, Allan Streib wrote:

> http://www.openldap.org/faq/data/cache/944.html

First a big thank you to Allan for taking the time to document what he
did.

However, even though I have followed the directions in that faq (and all
the previous posts in this discussion thread).  It's still failing for
me.

I am using the stock RedHat 9 cyrus-sasl 2.1.10 and MIT Kerberos 5.  I
have built my own openldap 2.1.22 (based on the RedHat beta source)

I am running saslauthd with -a kerberos5

testsaslauthd works correctly (/etc/krb5.keytab has the host entry)

I have a /usr/lib/sasl2/slapd.conf which contains
pwcheck_check: saslauthd
saslauthd_path: /var/run/saslauthd

I have rebuilt openldap 2.1.22 with --enable-spasswd to get the {SASL}
function included.

I have changed my test entry to have a userpassword of
{SASL}testid@realm instead of {KERBEROS}testid@realm

However, attempts to authenticate are not working.  They fail with
the invalid credentials error and the syslog output says that openldap
is still trying to find /etc/sasldb2.

What have I messed up?

-- 
Frank Swasey                    | http://www.uvm.edu/~fcs
Systems Programmer              | Always remember: You are UNIQUE,
University of Vermont           |    just like everyone else.
                    === God Bless Us All ===