
Re: SASL Auth with -d ok, otherwise internal error 80



On Fri, 05 Mar 2010 09:21:06 +0100, "Dieter Kluenter" <dieter@dkluenter.de> wrote:
> <lists@supported.de> writes:
> 
>> Hello list,
>>
>> this is my first time trying to set up SASL, I'm probably doing
>> something wrong. Anyhow:
> [...]
>> - when starting slapd without -d I get:
>>
>> $ ldapsearch -v -h localhost -LLL -U ldapadmin -D
>> "cn=ldapadmin,ou=Users,dc=hh,dc=supported,dc=de" -b
>> "ou=Users,dc=hh,dc=supported,dc=de" -s sub "cn=ldapadmin"
>> ldap_initialize( ldap://localhost:10389 )
>> SASL/DIGEST-MD5 authentication started
>> Please enter your password: 
>> ldap_sasl_interactive_bind_s: Internal (implementation specific) error
>> (80)
>>         additional info: SASL(-1): generic failure: 
> 
> try ldapsearch -Y DIGEST-MD5 -U ldapadmin -w password -b ...

I did try without -D before, it doesn't help:
$ ldapsearch -v -h localhost -LLL -Y DIGEST-MD5 -U ldapadmin -w ***** -b
"ou=Users,dc=hh,dc=supported,dc=de" -s sub "cn=ldapadmin" '*'
ldap_initialize( ldap://localhost:389 )
SASL/DIGEST-MD5 authentication started
ldap_sasl_interactive_bind_s: Internal (implementation specific) error
(80)
        additional info: SASL(-1): generic failure: 

Again:
the strange point being that when starting slapd from CLI with -d XXX
everything works. I only get the error when letting slapd disassociate (i.e.
without -d):

# /etc/init.d/openldap stop
Stopping OpenLDAP ...[ok]
# /usr/local/openldap/libexec/slapd -f
/usr/local/openldap/etc/openldap/slapd.conf -d 64
...
slapd starting

$ ldapsearch -v -h localhost -LLL -Y DIGEST-MD5 -U ldapadmin -w **** -b
"ou=Users,dc=hh,dc=supported,dc=de" -s sub "cn=ldapadmin" '*'
ldap_initialize( ldap://localhost:389 )
SASL/DIGEST-MD5 authentication started
SASL username: ldapadmin
SASL SSF: 128
SASL installing layers
filter: cn=ldapadmin
requesting: * 
dn: cn=ldapadmin,ou=Users,dc=hh,dc=supported,dc=de
cn: ldapadmin
gidNumber: 5000
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: posixAccount
objectClass: person
objectClass: top
sn: Admin
uid: ldapadmin
uidNumber: 5000
homeDirectory: /tmp
userPassword:: ****

...back to root shell, stop slapd and restart without -d...
# ^c
...
slapd stopped.
# /usr/local/openldap/libexec/slapd -f
/usr/local/openldap/etc/openldap/slapd.conf

$ ldapsearch -v -h localhost -LLL -Y DIGEST-MD5 -U ldapadmin -w *** -b
"ou=Users,dc=hh,dc=supported,dc=de" -s sub "cn=ldapadmin" '*'
ldap_initialize( ldap://localhost:10389 )
SASL/DIGEST-MD5 authentication started
ldap_sasl_interactive_bind_s: Internal (implementation specific) error
(80)
        additional info: SASL(-1): generic failure: 

Any idea? Thanks!

Btw: I've duplicated this setup on a Debian box. On that one everything
works...

Cheers, Ralph