[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SASL Bind vs. PHP Bind

To: "Mike O'Rourke" <mjoop@curia.op.org>
Subject: Re: SASL Bind vs. PHP Bind
From: "Herbert G. Fischer" <hgfischer@trama.com>
Date: Fri, 21 Feb 2003 10:34:10 -0300
Cc: openldap-software@OpenLDAP.org
In-reply-to: <se556ce8.074@border.curia.op.org>
Organization: Trama.COM
References: <se556ce8.074@border.curia.op.org>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.2.1) Gecko/20021130

Yes,

I forgot to mention that I've tryed with and without this piece
of string with no success.

Mike O'Rourke wrote:

"Herbert G. Fischer" <hgfischer@trama.com> 02/20/03 11:13pm >>>


Hi again,

I'm using Postfix+SASL+OpenLDAP to do SMTPd autentication for users,
and it's working very well.

But, I'm creating a small system with PHP that must authenticate on
LDAP too (using ldap_bind). But it's not working and I don't have idea
why, since my log messages doesn't show me nothing important.

##### This is a syslog output from Postfix+SASL+OpenLDAP:

Feb 20 18:57:20 corpmail slapd[21043]: conn=7476 op=4 SRCH
base="o=corpmail,dc=trama,dc=com,dc=br" scope=2
filter="(mail=hgfischer@trama.com)"
Feb 20 18:57:20 corpmail slapd[21043]: conn=7476 op=4 SEARCH RESULT
tag=101
err=0 nentries=1 text=
Feb 20 18:57:20 corpmail slapd[21028]: conn=7476 op=5 AUTHZ anonymous
mech=implicit ssf=0
Feb 20 18:57:20 corpmail slapd[21028]: conn=7476 op=5 BIND
dn="mail=hgfischer@trama.com,jvd=trama.com,o=corpmail,dc=trama,dc=com,dc=br"
method=128
Feb 20 18:57:20 corpmail slapd[21028]: conn=7476 op=5 AUTHZ
dn="mail=hgfischer@trama.com,jvd=trama.com,o=corpmail,dc=trama,dc=com,dc=br"
mech=simple ssf=0
Feb 20 18:57:20 corpmail slapd[21028]: conn=7476 op=5 RESULT tag=97
err=0
text=
Feb 20 18:57:20 corpmail slapd[21042]: conn=7476 op=6 AUTHZ anonymous
mech=implicit ssf=0
Feb 20 18:57:20 corpmail slapd[21042]: conn=7476 op=6 BIND
dn="cn=Manager,o=corpmail,dc=trama,dc=com,dc=br" method=128
Feb 20 18:57:20 corpmail slapd[21042]: conn=7476 op=6 AUTHZ
dn="cn=Manager,o=corpmail,dc=trama,dc=com,dc=br" mech=simple ssf=0
Feb 20 18:57:20 corpmail slapd[21042]: conn=7476 op=6 RESULT tag=97
err=0
text=

##### This is a syslog output from PHP+OpenLDAP:

Feb 20 18:59:11 corpmail slapd[20890]: conn=7579 fd=19 ACCEPT from
IP=127.0.0.1:47311 (IP=0.0.0.0:389)
Feb 20 18:59:11 corpmail slapd[21332]: conn=7579 op=0 BIND
dn="mail=hfischer@trama.com,o=corpmail,dc=trama,dc=com,dc=br"
method=128
Feb 20 18:59:11 corpmail slapd[21332]: conn=7579 op=0 RESULT tag=97
err=49
text=
Feb 20 18:59:11 corpmail slapd[21453]: conn=7579 op=1 UNBIND
Feb 20 18:59:11 corpmail slapd[21453]: conn=7579 fd=19 closed

I know that there is a lot of difference on them, but it not seems
logic to
me. Can anyone explain me what I need to auth someone via lda_bind??

Thanks,

Herbert


The only thing I see from this is that the (unsuccessful) PHP bind is
missing the "jvd=trama.com" component after "mail=hgfischer@trama.com"
in it's dn.

Mike.

Follow-Ups:
- Re: SASL Bind vs. PHP Bind
  - From: Chris Maxwell <source@gateweaver.com>

References:
- Re: SASL Bind vs. PHP Bind
  - From: "Mike O'Rourke" <mjoop@curia.op.org>

Prev by Date: Openldap crashes on GSSAPI authentication
Next by Date: Re: empty attributes?
Index(es):
- Chronological
- Thread