[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
OPENLDAP, SASL
Hello,
I need help about the configuration the OPENLDAP and Cyrus SASL
My configuration is :
BERKELEY 4.2
Cyrus SASL 2.1.18
OPENLDAP 2.2.11
on Linux Red Hat 8.0
The install is complete and no problem (I think).
I can launch my ldap daemon, create a database, and add entry. My
problem is when I want to use a password. If my ldap.conf have password
in CLEARTEXT with this command is OK.
ldappasswd -x -v -S -w secret -D "dc=cochise,dc=com"
"cn=ar,ou=entreprise,dc=cochise,dc=com" -h "192.168.1.3"
But when I want to use the sasl to generate the password with the
command i have a problem. I write this command
saslpasswd2 -c newuser
Password: ##
Again (for verification): ##
but when i want to use the search i open an fault segmentation of LDAP
/usr/local/bin/ldapsearch -Y DIGEST-MD5 -U toto -S -b "dc=myweb,dc=com"
'cn=newuser*' -h "MYIP"
I obtain this error
ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
The log of my LDAP is
do_sasl_bind: dn () mech DIGEST-MD5
==> sasl_bind: dn="" mech=<continuing> datalen=257
SASL [conn=3] Debug: DIGEST-MD5 server step 2
SASL Canonicalize [conn=3]: authcid="toto"
slap_sasl_getdn: id=toto [len=3]
slap_sasl_getdn: u:id converted to uid=toto,cn=DIGEST-MD5,cn=auth
>>> dnNormalize: <uid=toto,cn=DIGEST-MD5,cn=auth>
=> ldap_bv2dn(uid=toto,cn=DIGEST-MD5,cn=auth,0)
<= ldap_bv2dn(uid=toto,cn=DIGEST-MD5,cn=auth,0)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=toto,cn=digest-md5,cn=auth,272)=0
<<< dnNormalize: <uid=toto,cn=digest-md5,cn=auth>
==>slap_sasl2dn: converting SASL name uid=toto,cn=digest-md5,cn=auth to a DN
slap_sasl_regexp: converting SASL name uid=toto,cn=digest-md5,cn=auth
<==slap_sasl2dn: Converted SASL name to <nothing>
SASL Canonicalize [conn=3]: slapAuthcDN="uid=toto,cn=digest-md5,cn=auth"
/etc/sasldb2
daemon: select: listen=6 active_threads=0 tvp=NULL
Erreur de segmentation
I find a problem but i don't find solution.
The file /etc/sasldb2 don't exist. I use ldapadd to add an entry in my ldap.
Tks for your help.
If you want more information you could contact me.
Franck DARRAS