
Re: Trying to get the ldapdb plugin working.



What version of ldapdb do you use?  I recommend fetching the latest one
from the openldap CVS.

-Igor

On Wed, 8 Oct 2003, Tarjei Huse wrote:

> Hi, Thanks a lot for answering, I'm still not there yet though :-)
>
>
> > You need to have the following work:
> > ldapsearch -h localhost -Y digest-md5 -U tarjei -w tarjei \
> > -X u:<some_other_userid> -v '(objectClass=*)'
> Ok, I managed that.
> > > # in /usr/lib/sasl2:
> > > cat /usr/lib/sasl2/slapd.conf
> > > pwcheck_method: auxprop
> > > auxprop_plugin: ldapdb
> >                   ^^^^^^  This causing your hangs.
> > Change to:
> > auxprop_plugin: slapd
> Thanks, I did that. Now using sasl with ldapsearches works.
> > /usr/lib/sasl2/slapd.conf is really not needed in your setup.
> Ok, I removed it.
>
> > > in imapd.conf I got:
> > > sasl_pwcheck_method: auxprop
> > > sasl_auxprop_plugin: ldapdb
> > > sasl_ldapdb_uri: ldap://localhost
> > > sasl_ldapdb_id: tarjei
> > > sasl_ldapdb_pw: tarjei
> > > sasl_ldapdb_mech: Digest-MD5 login
> >
> > 'login' mech will not work because it does not support proxy
> > authorization.
>
> Ok, I've removed login.
>
> Next, I need normal users to log in to the imapserver. I'm using ispman
> to manage my directory so my users have DNs like:
> uid=tru_trude_com,ou=users,ispmanDomain=trude.com,o=ispman
>
> so I have set up two extra regexes:
> sasl-regexp uid=(.+),cn=DIGEST-MD5,cn=auth
> uid=$1,ou=users,ispmanDomain=(.+),o=ispman
>
> sasl-regexp uid=(.+),cn=(.+),cn=DIGEST-MD5,cn=auth
> uid=$1,ou=users,ispmanDomain=(.+),o=ispman
>
> They should cover all eventualities. When I run the command:
>
>  imtest -v -p 143  -u tru_trude_com -w bbb ernaispman
>
> I get:
>
> Oct  8 17:47:41 erna slapd[13063]: conn=3 fd=7 ACCEPT from
> IP=127.0.0.1:1360 (IP=:: 389)
> Oct  8 17:47:41 erna slapd[13086]: conn=3 op=0 BIND dn="" method=163
> Oct  8 17:47:41 erna slapd[13065]: conn=3 op=1 BIND dn="" method=163
> Oct  8 17:47:41 erna slapd[13065]: SASL [conn=3] Error: unable to open
> Berkeley db /etc/sasldb2: No such file or directory
> Oct  8 17:47:41 erna last message repeated 2 times
> Oct  8 17:47:41 erna slapd[13065]: conn=3 op=1 BIND authcid="tarjei"
> Oct  8 17:47:41 erna slapd[13065]: conn=3 op=1 BIND
> dn="uid=tarjei,ou=admins,o=ispman" mech=DIGEST-MD5 ssf=128
> Oct  8 17:47:41 erna slapd[13065]: conn=3 op=3 SRCH
> base="uid=tarjei,ou=admins,o=ispman" scope=0 filter="(objectClass=*)"
> Oct  8 17:47:41 erna slapd[13065]: conn=3 op=3 SRCH attr=userPassword
> cmusaslsecretDIGEST-MD5
> Oct  8 17:47:41 erna slapd[13065]: conn=3 op=3 SEARCH RESULT tag=101
> err=0 nentries=1 text=
> Oct  8 17:47:41 erna slapd[13086]: conn=3 op=4 UNBIND
> Oct  8 17:47:41 erna slapd[13086]: conn=3 fd=7 closed
> Oct  8 17:47:57 erna slapd[13063]: conn=4 fd=7 ACCEPT from
> IP=127.0.0.1:1361 (IP=:: 389)
> Oct  8 17:47:57 erna slapd[13065]: conn=4 op=0 BIND dn="" method=163
> Oct  8 17:47:57 erna slapd[13086]: conn=4 op=1 BIND dn="" method=163
> Oct  8 17:47:57 erna slapd[13086]: SASL [conn=4] Error: unable to open
> Berkeley db /etc/sasldb2: No such file or directory
> Oct  8 17:47:57 erna last message repeated 2 times
> Oct  8 17:47:57 erna slapd[13086]: conn=4 op=1 BIND authcid="tarjei"
> Oct  8 17:47:57 erna slapd[13086]: conn=4 op=1 BIND
> dn="uid=tarjei,ou=admins,o=ispman" mech=DIGEST-MD5 ssf=128
> Oct  8 17:47:57 erna slapd[13086]: conn=4 op=3 SRCH
> base="uid=tarjei,ou=admins,o=ispman" scope=0 filter="(objectClass=*)"
> Oct  8 17:47:57 erna slapd[13086]: conn=4 op=3 SRCH attr=userPassword
> cmusaslsecretDIGEST-MD5
> Oct  8 17:47:57 erna slapd[13086]: conn=4 op=3 SEARCH RESULT tag=101
> err=0 nentries=1 text=
> Oct  8 17:47:57 erna slapd[13065]: conn=4 op=4 UNBIND
> Oct  8 17:47:57 erna slapd[13065]: conn=4 fd=7 closed
>
> I.e., what became of the user I wanted to log in as? What should I do to
> get that part working?
>
> Many thanks for your help.
>
> Tarjei
>
>
>
>

-- 
Igor