[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: SASL error messages - still don't get it



> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Alexander Lunyov

> Hello openldap-software,
>
>   I have managed openldap 2.1.23 and cyrus-sasl 2.1.15 to work
>   together with ldapdb auxprop plugin. When client authenticating to
>   imap/pop using APOP the authentication and logs are ok, and when
>   client authenticating using PLAIN the authentication itself is ok,
>   but there are two error messages "pop3d[60154]: no user in db" in
>   logs, though slapd.log entries on PLAIN and APOP authentication
>   process are pretty the same. Where are those error messages
>   come from?

>   And there is "SASL [conn=2957] Failure: Could not open db" error
>   message in slapd.log (see below), but it seems that it's not affect
>   anything to fail - what is that message about?

Most likely they're coming from the sasldb plugin. It's always built by
default unless you configure SASL --with-dblib=none. If all your users are in
LDAP then you're best off deleting the libsasldb from your system.

>   Software:
>   FreeBSD-4.8R-p13
>   openldap-2.1.23

Please update to the current OpenLDAP release (at least 2.1.25). Among other
important bug fixes, the ldapsasl README file has also been updated with more
usage notes.

>   cyrus-sasl-2.1.15
>   cyrus-imapd-2.1.15
>
>   Configs:

> /usr/local/lib/sasl2/slapd.conf:
> ========================================
> pwcheck_method: auxprop
> ldapdb_uri: ldap:///
> ldapdb_id: cyradm
> ldapdb_pw: password
> ldapdb_mech: DIGEST-MD5
> ========================================

NEVER DO THIS. Delete this file. See the most recent ldapsasl README file for
details.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support