
Re: SASL authentication



On Mon, 13 Feb 2012 16:31:02 -0800,
Rakesh Aggarwal <rakesh.aggarwal@gmail.com> wrote:

> Hi! I am using OpenLDAP 2.4.26 and trying DIGEST-MD5 authentication
> using "ldapwhoami". I get the error "SASL(-13): user not found: no
> secret in database". While specifying the user with -U option, bind
> DN was showing empty in the server's trace. I have tried specifying
> complete DN with -D option but the result is the same error.
> 
> Users were added using sasldblistusers2 command. sasldblistusers shows
> the users though it has appended the hostname where I issued the add
> command from.
> 
> What am I missing? Can someone point me to working instructions as the
> documentation for configuring SASL with OpenLDAP seems really sparse?

Forget sasldb and other SASL tools, just use OpenLDAP's own SASL
configuration. Create appropriate authz-regexp strings in order to
match the users' entries, make sure users have a uid attribute and the
value of userPassword is plaintext and not hashed.

-Dieter

-- 
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:DA147B05
53°37'09,95"N
10°08'02,42"E
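
Why the reply above asks for a plaintext userPassword, shown as an added example that is not part of the original message and is not OpenLDAP's code: a simplified model of the DIGEST-MD5 response check from RFC 2831 (qop=auth, no authzid). The function names and all sample values are constructed for illustration.

```python
import hashlib
import hmac
import re


def digest_response(user, realm, password, nonce, cnonce, nc, digest_uri):
    """RFC 2831 response value for qop=auth without an authzid."""
    # A1 begins with the raw MD5 of user:realm:password, so the cleartext
    # password is an input to every response, on the client and the server.
    a1 = hashlib.md5(f"{user}:{realm}:{password}".encode()).digest()
    a1 += f":{nonce}:{cnonce}".encode()
    ha1 = hashlib.md5(a1).hexdigest()
    ha2 = hashlib.md5(f"AUTHENTICATE:{digest_uri}".encode()).hexdigest()
    final = f"{ha1}:{nonce}:{nc}:{cnonce}:auth:{ha2}"
    return hashlib.md5(final.encode()).hexdigest()


def server_verify(stored_user_password, client_response, **exchange):
    """Model of the server-side check (an assumption, not slapd's logic).
    Returns True or False when a response can be computed, and None when
    the stored value gives no usable secret."""
    if re.match(r"\{[A-Za-z0-9-]+\}", stored_user_password):
        # {SSHA}, {MD5}, {CRYPT} and similar are one-way, so the password
        # needed for A1 cannot be recovered from them.
        return None
    expected = digest_response(password=stored_user_password, **exchange)
    return hmac.compare_digest(expected, client_response)


# Constructed sample values, not taken from the thread.
EXCHANGE = dict(user="jdoe", realm="example.com", nonce="c2FtcGxlLW5vbmNl",
                cnonce="c2FtcGxlLWNub25jZQ", nc="00000001",
                digest_uri="ldap/ldap.example.com")
HASHED = "{SSHA}Y29uc3RydWN0ZWQtbm90LWEtcmVhbC1oYXNo"  # constructed placeholder

if __name__ == "__main__":
    response = digest_response(password="secret", **EXCHANGE)
    print(server_verify("secret", response, **EXCHANGE))
    print(server_verify("wrong", response, **EXCHANGE))
    print(server_verify(HASHED, response, **EXCHANGE))
```

The `None` result models the case the reply warns about: with only a hashed value stored, the server has nothing from which to compute the expected response.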