[Date Prev][Date Next] [Chronological] [Thread] [Top]

why "no user in db" error messages?



Hello cyrus-sasl,

  I have FreeBSD 4.8R-p13 mail/auth server.
  All software comes from ports:

  openldap-2.1.22
  cyrus-imapd-2.1.15_1
  cyrus-sasl-2.1.15 with sasldb and ldapdb auxprop plugins installed.
  And when client is authenticating to sasl, in /var/log/auth.log
  appears messages:

Oct 31 00:45:23 helios pop3d[7213]: DIGEST-MD5 client step 2
Oct 31 00:45:23 helios pop3d[7213]: DIGEST-MD5 client step 2
Oct 31 00:45:23 helios pop3d[7213]: DIGEST-MD5 client step 3
Oct 31 00:45:23 helios pop3d[7213]: no user in db
Oct 31 00:45:23 helios pop3d[7213]: no user in db

  Client is authenticating fine, all is OK, but where from those "no
  user in db" messages? The entreis in slapd.log for one mail auth
  session:

Nov  5 08:12:05 helios slapd[14065]: conn=1971 fd=14 ACCEPT from IP=127.0.0.1:2104 (IP=0.0.0.0:389)
Nov  5 08:12:05 helios slapd[14065]: conn=1971 op=0 BIND dn="" method=163
Nov  5 08:12:05 helios slapd[14065]: conn=1971 op=1 BIND dn="" method=163
Nov  5 08:12:05 helios slapd[14065]: SASL [conn=1971] Failure: no user in db
Nov  5 08:12:05 helios last message repeated 2 times

     What "user" is searching here?

Nov  5 08:12:05 helios slapd[14065]: conn=1971 op=1 BIND authcid="cyradm"
Nov  5 08:12:05 helios slapd[14065]: conn=1971 op=1 BIND dn="uid=lan_mailing,node=33(10),ou=users,dc=domain,dc=ru" mech=DIGEST-MD5 ssf=128
Nov  5 08:12:05 helios slapd[14065]: conn=1971 op=3 SRCH base="uid=lan_mailing,node=33(10),ou=users,dc=domain,dc=ru" scope=0 filter="(objectClass=*)"
Nov  5 08:12:05 helios slapd[14065]: conn=1971 op=3 SRCH attr=userPassword
Nov  5 08:12:05 helios slapd[14065]: conn=1971 op=3 SEARCH RESULT tag=101 err=0 nentries=1 text=
Nov  5 08:12:05 helios slapd[14065]: conn=1971 op=4 UNBIND
Nov  5 08:12:05 helios slapd[14065]: conn=1971 fd=14 closed


   In /usr/local/lib/sasl2/cyrus.conf:

pwcheck_method: auxprop
ldapdb_uri: ldap:///
ldapdb_id: cyradm
ldapdb_pw: secret-pass
ldapdb_mech: DIGEST-MD5
mech_list: plain login digest-md5 cram-md5   

   In cyradm DN there is saslAuthzTo attribute:
   "uid=.*,node=.*,ou=users,dc=domain,dc=ru"

   Is /usr/local/lib/sasl2/slapd.conf configuration is critical? For
   now in /usr/local/lib/sasl2/slapd.conf:

pwcheck_method: auxprop
ldapdb_uri: ldap:///

-- 
Best regards,
 Alexander                          mailto:lan_mailing@startatom.ru