[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SASL Authentication against LDAP

To: Lothar Handl <ranger@wizards.at>
Subject: Re: SASL Authentication against LDAP
From: John Dalbec <jpdalbec@cc.ysu.edu>
Date: Wed, 07 Aug 2002 09:33:30 -0400
Cc: openldap-software@OpenLDAP.org
Organization: Youngstown State University
References: <20020806141940.A3844@p15090634.pureserver.de> <Pine.GSO.4.44.0208061002420.12859-100000@pula.istra.ypass.net> <20020806230749.A879@p15090634.pureserver.de>


Lothar Handl wrote:
> 
> Hi,
> 
> thanks for the tips. Now it seems that SASL connects to LDAP and
> authenticates when I use the testsasl proggy. But Cyrus does not
> seem to use this method. Have you got an idea what went wrong?
> 
> My imapd.conf looks now like this:
> postmaster: postmaster
> configdirectory: /var/imap
> partition-default: /var/spool/imap
> admins: cyrus root
> pwcheck_method: saslauthd
> tls_ca_file: /var/imap/server.pem
> tls_cert_file: /var/imap/server.pem
> tls_key_file: /var/imap/server.pem
> sasl_passwd_check: saslauthd
> sasl_ldap_servers: localhost
> sasl_ldap_bind_dn: uid=manager, ou=users, dc=wizards, dc=at
		     ^^^ should this be cn?
> sasl_ldap_bind_pw: mysecretpassword
> 
> When I try to connect to localhost with the root account, the following
> hapens:
> p15090634:~ # cyradm
> cyradm> connect localhost
> IMAP Password:Login failed: user not found at /usr/lib/perl5/site_perl/5.6.0/i586-linux/Cyrus/IMAP/Admin.pm line 78
> server: localhost: cannot authenticate
> localhost.localdomain>
> 
> and the connection results in these messages:
> Aug  6 22:42:31 p15090634 master[846]: process 858 exited, status 0
> Aug  6 22:42:31 p15090634 ctl_cyrusdb[857]: done checkpointing cyrus databases
> Aug  6 22:42:31 p15090634 master[846]: process 857 exited, status 0
> Aug  6 22:42:38 p15090634 master[861]: about to exec /usr/cyrus/bin/imapd
> Aug  6 22:42:38 p15090634 imap[861]: executed
> Aug  6 22:42:38 p15090634 imapd[861]: accepted connection
> Aug  6 22:42:47 p15090634 imapd[861]: badlogin: localhost.localdomain[127.0.0.1] plaintext root SASL(-13): user not found: checkpass failed
> 
> I've also configured /usr/local/etc/saslauthd.conf like this:
> ldap_servers: ldap://localhost/
> ldap_bind_dn: cn=manager, ou=users, dc=wizards, dc=at
		^^ or should this be uid?
> ldap_bind_pw: mysecretpassword
> ldap_version: 3
> ldap_search_base: dc=wizards, dc=at
> ldap_verbose: on
> ldap_debug: 3
> 
> Greetings, Lothar
>

Follow-Ups:
- Re: SASL Authentication against LDAP
  - From: Lothar Handl <ranger@wizards.at>

References:
- SASL Authentication against LDAP
  - From: Lothar Handl <ranger@wizards.at>
- Re: SASL Authentication against LDAP
  - From: Igor Brezac <igor@ipass.net>
- Re: SASL Authentication against LDAP
  - From: Lothar Handl <ranger@wizards.at>

Prev by Date: Re: login but no shell prompt
Next by Date: Re: Some problem with TLS
Index(es):
- Chronological
- Thread