On 19/07/10 21:18 +0600, OSHIM wrote:
i have configured saslauthd with openldap to authenticate MS AD when I run testsaslauthd -u swioshim -p Test2010 then i got 0: OK "Success." (swioshim is my MS AD user and Test2010 password coming from MS AD) but when i run ldapsearch -x -D "cn=swioshim,dc=myproject,dc=com" -W -b dc=myproject,dc=com then getting error : ldap_bind: Invalid credentials (49) please help
saslauthd will not be called for simple (non-sasl) binds. You will need to tell ldapsearch to bind with SASL, such as: ldapsearch -U swioshim -W -b dc=myproject,dc=com You'll need to configure /usr/lib/sasl2/slapd.conf with: pwcheck_method: saslauthd mech_list: plain login And if you want to map the derived authentication identity to a DN in your slapd tree, then you'll need to configure appropriate authz-regexp statements. See chapter 15 (Using SASL) of the OpenLDAP administrator's guide. -- Dan White