
Re: Can't get password passthrough to work with openldap



k pur <4krishan@gmail.com> writes:

> Hi,
>    I am trying to get Pass-Through authentication to work for password
>    verification.
>
>    Following the 'Pass-Through authentication' (14.5) in the openldap 2.4
>    admin guide, I have configured saslauthd and slapd.conf (sasl) and
>
>    managed to successfully authenticate with Active Directory (AD) using 
>    the 'testsaslauthd' utility.
>
>    Setting a user password in my openldap database in the form
>
>    dn: uid=user,ou=org,dc=org.com
>
>    userPassword: {SASL}joe@ad.example.com
>
>    where joe@ad.example.com is the userPrincipalName defined for this
>
>    user in AD.
>
>    I can't authenticate, when using the ldapsearch command
>
>      $ ldapsearch -x -v -D 'uid=joe,ou=people,dc=myorg.com' -W -h ldaphost
>
>      Comes up with error (49)
>
>      I have enabled --enable-spasswd --with-cyrus-sasl when compiling openldap
>
>      Has anybody configured this type of setup successfully?
>
>      My question is - how do I configure my openldap server to talk to

You have to configure a sasl related slapd.conf, depending on your OS
this file might be either in /usr/lib/sasl2/slapd.conf or
/etc/sasl2/slapd.conf.

-Dieter

-- 
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:8EF7B6C6
53°37'09,95"N
10°08'02,42"E
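
Added example (not part of the message above and not OpenLDAP project code): a shell check that looks for the SASL slapd.conf in the two directories named in the reply and verifies that it hands password checks to saslauthd. The option names pwcheck_method and saslauthd_path are the Cyrus SASL settings used for pass-through and are not quoted in this thread; the function names are hypothetical.

```shell
#!/bin/sh
# Check the Cyrus SASL config that slapd reads for {SASL} pass-through.

# sasl_opt FILE KEY: print the value of a "KEY: value" line (last one wins).
sasl_opt() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*:[[:space:]]*//p" "$1" \
        | tail -n 1 | sed 's/[[:space:]]*$//'
}

# find_sasl_conf DIR...: print the first DIR/slapd.conf that exists.
find_sasl_conf() {
    for d in "$@"; do
        [ -f "$d/slapd.conf" ] && { printf '%s\n' "$d/slapd.conf"; return 0; }
    done
    return 1
}

# check_sasl_conf FILE: return 0 only if the pass-through settings are present.
check_sasl_conf() {
    f=$1
    rc=0
    method=$(sasl_opt "$f" pwcheck_method)
    mux=$(sasl_opt "$f" saslauthd_path)
    if [ "$method" != "saslauthd" ]; then
        echo "FAIL: pwcheck_method is '${method:-unset}', expected 'saslauthd'"
        rc=1
    fi
    if [ -z "$mux" ]; then
        echo "FAIL: saslauthd_path is not set"
        rc=1
    elif [ ! -S "$mux" ]; then
        # testsaslauthd can succeed while slapd still cannot reach this socket
        echo "WARN: $mux is not a socket visible from here (saslauthd running?)"
    fi
    return $rc
}

# The two directories are the ones given in the reply.
if conf=$(find_sasl_conf /usr/lib/sasl2 /etc/sasl2); then
    check_sasl_conf "$conf" || echo "fix $conf before retrying the bind"
else
    echo "no slapd.conf found in /usr/lib/sasl2 or /etc/sasl2"
fi
```

Run it as the account slapd runs under, so the file and socket checks reflect what slapd itself can see.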