OpenLDAP slapd 2.4.3 alpha
Hello
How do I configure slapd (with the SQL backend) for SASL authorization?
My slapd crashes before authorization completes. All software is
installed on a clean system (FreeBSD 6.1 release with SASL 2.21, with
unixODBC), and the MySQL database contains the default data from the
example.
./slapd -d -1
"
slap_parseURI: parsing uid=test,cn=digest-md5,cn=auth
ldap_url_parse_ext(uid=test,cn=digest-md5,cn=auth)
>>> dnNormalize: <uid=test,cn=digest-md5,cn=auth>
=> ldap_bv2dn(uid=test,cn=digest-md5,cn=auth,0)
<= ldap_bv2dn(uid=test,cn=digest-md5,cn=auth)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=test,cn=digest-md5,cn=auth)=0
<<< dnNormalize: <uid=test,cn=digest-md5,cn=auth>
<==slap_sasl2dn: Converted SASL name to uid=test,cn=digest-md5,cn=auth
slap_sasl_getdn: dn:id converted to uid=test,cn=digest-md5,cn=auth
SASL Canonicalize [conn=1]: slapAuthcDN="uid=test,cn=digest-md5,cn=auth"
SASL Canonicalize [conn=1]: authzid="test"
SASL proxy authorize [conn=1]: authcid="test" authzid="test"
slapd in free(): error: chunk is already free
Abort (core dumped)
s1#
----- slapd.conf ---------
s1# cat /usr/local/etc/openldap/slapd.conf
# $OpenLDAP: pkg/ldap/servers/slapd/back-sql/rdbms_depend/mysql/slapd.conf,v
1.5.2.1 2005/01/20 18:04:03 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
# NOTE(review): it stores the database password in cleartext (dbpasswd below),
# which is why the file permissions matter.
# NOTE(review): slapd.conf continues a directive on lines that begin with
# whitespace; the multi-line directives below appear to have lost their
# indentation in this paste.
#
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
# Define global ACLs to disable default read access.
# NOTE(review): the rule below does the opposite of restricting access:
# "by * write" grants write access to every entry to any client, including
# anonymous ones. The restrictive rules at the end of this file are commented
# out, so they have no effect.
access to *
by * write
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
# -1 turns on every log category (same level as the "-d -1" run shown above).
loglevel -1
# NOTE(review): slapd.conf(5) spells this directive "authz-policy";
# "authz-police" would presumably not be recognized if uncommented.
#authz-police all
#sasl-host example.com
#sasl-realm example.com
#require SASL
# Maps a SASL authentication DN to a directory entry: the first argument is
# the match pattern, the second the replacement (here an LDAP search URL).
# NOTE(review): the pattern expects two cn= components between uid= and
# cn=auth, while the DN in the debug log above
# (uid=test,cn=digest-md5,cn=auth) has only one, so that DN would not match.
# NOTE(review): the search filter is the constant (uid=test) and ignores the
# captured groups, so every identity that does match resolves to the same
# entry; the usual form substitutes the captured user name, e.g. (uid=$1).
authz-regexp
uid=(.*),cn=(.*),cn=(.*),cn=auth
ldap:///dc=example,dc=com??sub?(uid=test)
#sasl-secprops none
#authzTo: uid=[^,]*,dc=example,dc=com
#######################################################################
# sql database definitions
#######################################################################
database sql
suffix "dc=example,dc=com"
# No rootdn/rootpw is active for this database (both lines are commented out).
#rootdn "cn=test,dc=example,dc=com"
#rootpw secret
# Data source name and database account used by back-sql.
# NOTE(review): dbpasswd is a cleartext credential; since this value was
# posted publicly it should be treated as compromised and changed.
dbname ldap
dbuser ldap
dbpasswd ldap123zxc
# SQL templates used by back-sql; values are bound through the ? placeholders.
subtree_cond "ldap_entries.dn LIKE CONCAT('%',?)"
insentry_stmt "INSERT INTO ldap_entries (dn,oc_map_id,parent,keyval)
VALUES (?,?,?,?)"
has_ldapinfo_dn_ru no
# The rules below are disabled; as written they would limit userPassword to
# authentication use and deny all other access.
#access to attrs=userPassword
# by * auth
#access to * by * none