
Fw: sasl-regex and realm with digest-md5







Hello,

I am new to configuring ldap and have been trying out a few things. I have
managed to get sasl working with md5 ok.

What I am confused about is the role of sasl-realm with respect to
sasl-regex.

I have the following in my slapd.conf

sasl-regexp uid=(.*),cn=localhost.localdomain,cn=DIGEST-MD5,cn=auth
    uid=$1,ou=People,dc=my-domain,dc=com

I noticed that when I run ldapsearch as:

 ldapsearch -d255  -U updater   -Y DIGEST-MD5    -H ldap://192.168.0.100/
etc
the realm is in fact set to localhost.localdomain.

but the slapd trace shows

slap_sasl2dn: converting SASL name uid=updater,cn=digest-md5,cn=auth

note realm missing..

but when I add

sasl-realm  localhost.localdomain to slapd.conf

slap_sasl_getdn: u:id converted to
uid=updater,cn=localhost.localdomain,cn=DIGEST-MD5,cn=auth

the realm is now included and the match occurs.

and I get the converted dn
slap_sasl_getdn: u:id converted to
uid=updater,cn=localhost.localdomain,cn=DIGEST-MD5,cn=auth
-> do_bind: SASL/DIGEST-MD5 bind:
dn="uid=updater,ou=people,dc=my-domain,dc=com" ssf=1

I would have thought it would have done the latter by picking up the realm
from the request.

I tried adding -R realm  and -U user@Realm  but no luck...



Regards, Dale............
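
Added example, not part of the original message: a Python sketch of the mapping step seen in the trace, using the sasl-regexp rule and the two authentication DN shapes quoted above. NO_REALM_RULE and the function names are hypothetical, and Python's re module stands in for slapd's regex matching (an assumption).

```python
import re

# The mapping rule from the message's slapd.conf, as (pattern, replacement).
PAGE_RULE = (r"uid=(.*),cn=localhost.localdomain,cn=DIGEST-MD5,cn=auth",
             "uid=$1,ou=People,dc=my-domain,dc=com")
# Hypothetical extra rule for the realm-less shape; [^,]* keeps the capture
# inside the uid value instead of letting it run across commas.
NO_REALM_RULE = (r"^uid=([^,]*),cn=DIGEST-MD5,cn=auth$",
                 "uid=$1,ou=People,dc=my-domain,dc=com")


def sasl_auth_dn(user, mech, realm=None):
    """Build the authentication DN in the two shapes shown in the trace."""
    rdns = ["uid=" + user]
    if realm:
        rdns.append("cn=" + realm)
    return ",".join(rdns + ["cn=" + mech, "cn=auth"])


def map_auth_dn(rules, auth_dn):
    """Return the replacement from the first matching rule, else None."""
    for pattern, replacement in rules:
        # Assumption: unanchored, case-insensitive search models slapd here.
        m = re.search(pattern, auth_dn, re.IGNORECASE)
        if m:
            # Expand $1..$9 with the captured groups.
            return re.sub(r"\$(\d)", lambda g: m.group(int(g.group(1))),
                          replacement)
    return None


if __name__ == "__main__":
    with_realm = sasl_auth_dn("updater", "DIGEST-MD5", "localhost.localdomain")
    no_realm = sasl_auth_dn("updater", "digest-md5")
    for rules in ([PAGE_RULE], [PAGE_RULE, NO_REALM_RULE]):
        for dn in (with_realm, no_realm):
            print(len(rules), "rule(s):", dn, "->", map_auth_dn(rules, dn))
```

With only the rule from the message, the realm-less DN returns None, which corresponds to the case where no mapping to the ou=People entry takes place.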
