Re: LDAP + Kerberos not allowing simple binds

[Jose Gonzalez Gomez <jgonzalez@opentechnet.com>]

Robert wrote:

> "Jose Gonzalez Gomez" <jgonzalez@opentechnet.com> wrote in message
> 411E3889.5080205@opentechnet.com">news:411E3889.5080205@opentechnet.com...
>  
>
> > Robert wrote:
> >
> >    I should check with my installation (I won't be able to do that
> > until monday, probably) but I think you need a file in
> > /etc/sasl2/slapd.conf (or something similar) indicating the mechanism to
> > use... if you use Kerberos you could probably use saslauthd as the
> > mechanism and then set saslauthd to check passwords against Kerberos
> > (saslauthd -a kerberos)... check this by yourself, as I'm typing without
> > looking at the docs, and my memory is horrible.
> >    
>
> I am running saslauthd with the -a kerberos option, but the thing is that if
> I testsaslauthd using my kerberos principal and password, authentication
> fails every time.
>
>  
   Then you should make that work before trying to use the {SASL} in 
userPassword. Have you taken a look at log files? I think you may run 
saslauthd with some verbose flag (-v?) so you may see the result of the 
authentication attempt. You may also look at the log files generated by 
sasl to see the cause of failed authentications.