
Re: newbie question. SASL auth.



On Tuesday 27 August 2002 13:45, Jose Correia (J) wrote:
> In the line:
>
> rootdn          "uid=root,cn=myorg.ru,cn=auth.cn-digest-md5"

replaced by:
rootdn          "uid=root,cn=myorg.ru,cn=auth,cn=digest-md5"    

>
> you have a . instead of a comma between cn=auth and cn=digest-md5
> plus you have a - instead of a = in cn-digest-md5
>

The result is the same.


> Cheers
> Jose
>
>
>
>
> -----Original Message-----
> From: Ilya Bassine [mailto:lanmot@cwrussia.ru]
> Sent: 27 August 2002 11:15
> To: openldap-software@OpenLDAP.org
> Subject: newbie question. SASL auth.
>
>
> Hi,
>
> Could you please tell me what I did wrong?
> Here is my system:
>
> Slackware-8.1
> Berkeley db-4.0.14
> sasl-2.1.7
> openldap 2.1.14 was compiled with SASL ( --enable-spasswd)
>
> user root has been put into sasldb:
> #############################################################
> root@myhost:/etc/openldap# saslpasswd2 -c root -n
> Password:
> Again (for verification):
> root@myhost:/etc/openldap# sasldblistusers2
> root@myhost: cmusaslsecretOTP
> root@myhost:
> #############################################################
>
> #############################################################
> #/etc/openldap/slapd.conf
> include         /etc/openldap/schema/core.schema
> include         /etc/openldap/schema/misc.schema
> include         /etc/openldap/schema/cosine.schema
> include         /etc/openldap/schema/inetorgperson.schema
> pidfile         /var/ldap/slapd.pid
> argsfile        /var/ldap/slapd.args
> loglevel -1
> backend bdb
> backend ldap
> database        bdb
> sasl-regexp uid=(.*),cn=.*,cn=digest-md5,cn=auth uid=$1,dc=myorg,dc=ru
> suffix          "dc=myorg,dc=ru"
> rootdn          "uid=root,cn=myorg.ru,cn=auth.cn-digest-md5"
> directory       /var/ldap/openldap-data
> index   objectClass     eq
> access to attr=userPassword
>     by self write
>     by anonymous auth
>     by dn="uid=root,cn=myorg.ru,cn=auth,cn=digest-md5" write
>     by * none
> access to *
>     by self write
>     by dn="uid=root,cn=myorg.ru,cn=auth,cn=digest-md5" write
>     by * read
> #############################################################
>
> when I'm trying to add the ldif file, system gives me an error:
> #############################################################
> bash-2.05a$ ldapadd -X uid=root,cn=myorg.ru,cn=auth,cn=digest-md5  -W
> -f  \
> ~ilya/ldap_test/entry.test
>
> Enter LDAP Password:
> SASL/OTP authentication started
> ldap_sasl_interactive_bind_s: Insufficient access (50)
> additional info: SASL(-14): authorization failure:
> Inappropriate authentication
> bash-2.05a$
> #############################################################
>
> What did I do wrong?
>
> Thank you for your help in advance
>
> Ilya
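
The `sasl-regexp` and `rootdn` lines from the quoted slapd.conf can be checked against each other offline. The following is an added example, not part of either message and not OpenLDAP code; the function names and the DN with reordered RDNs are constructed for illustration, and Python's `re` module is assumed to stand in for slapd's matching of this pattern.

```python
import re

# Directives copied from the slapd.conf quoted in the thread (rootdn as in the reply).
SLAPD_CONF = '''
sasl-regexp uid=(.*),cn=.*,cn=digest-md5,cn=auth uid=$1,dc=myorg,dc=ru
rootdn          "uid=root,cn=myorg.ru,cn=auth,cn=digest-md5"
'''

def directive(conf, name):
    """Return the argument list of the first `name` directive in conf."""
    for line in conf.splitlines():
        parts = line.split()
        if parts and parts[0].lower() == name:
            return [p.strip('"') for p in parts[1:]]
    raise ValueError(f"{name} not found")

def map_sasl_dn(conf, sasl_dn):
    """Apply sasl-regexp to sasl_dn; return the rewritten DN, or None if no match."""
    pattern, replacement = directive(conf, "sasl-regexp")
    # Assumption: Python's re (unanchored, case-insensitive) stands in for
    # the regex matching slapd performs on the SASL DN.
    m = re.search(pattern, sasl_dn, re.IGNORECASE)
    if m is None:
        return None
    # Expand $1..$9 in the replacement with the captured groups.
    return re.sub(r"\$(\d)", lambda g: m.group(int(g.group(1))), replacement)

def binds_as_rootdn(conf, sasl_dn):
    """True if sasl_dn, after any sasl-regexp rewrite, equals the rootdn."""
    effective = map_sasl_dn(conf, sasl_dn) or sasl_dn
    return effective.lower() == directive(conf, "rootdn")[0].lower()

# DN used on the page for rootdn, the ACLs and ldapadd -X.
PAGE_DN = "uid=root,cn=myorg.ru,cn=auth,cn=digest-md5"
# Constructed DN: the same RDNs in the order the sasl-regexp pattern expects.
PATTERN_ORDER_DN = "uid=root,cn=myorg.ru,cn=digest-md5,cn=auth"

if __name__ == "__main__":
    for dn in (PAGE_DN, PATTERN_ORDER_DN):
        print(dn, "->", map_sasl_dn(SLAPD_CONF, dn),
              "| equals rootdn:", binds_as_rootdn(SLAPD_CONF, dn))
```

The pattern never fires on the DN written in `rootdn`, and a DN in the pattern's own RDN order is rewritten to `uid=root,dc=myorg,dc=ru`, which is not the configured `rootdn`.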