Re: PROBLEM: can't use SASL to authentication openldap client

[Howard Chu <hyc@symas.com>]

Dan White wrote:
> On 09/08/10 16:56 +0800, LI Ji D wrote:
> > Hi,
> > 	My problem is that I expect slapd to authenticate with the password stored in sasldb. But it's not, it uses  the password stored in userpassword attribute of this user which is a item of openldap.
> > 	So I want to know, how can slapd use password stored in sasldb to do the sasl authentication.
>
> I attempted to do this as well and failed. Setting auxprop_plugin to sasldb
> did not provide the expected response. Regardless of whether I set it to
> slapd or sasldb, the server authenticates my digest-md5 sasl bind using the
> internal slapd plugin.
>
> I recommend you file a bug report.

File the bug with the correct people. OpenLDAP doesn't do anything in 
particular with SASL configuration. If you can't get the desired behavior by 
setting the SASL config file, then file a bug against Cyrus SASL.

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/