Re: Trying to get passthrough auth working with OpenLDAP and Kerberos

[Dan White <dwhite@olp.net>]

On 01/25/12 12:14 -0800, Chastity Blackwell wrote:
> For the last two weeks I have been on a sojourn through the wonderful
> world of LDAP, Kerberos, and SASL, which has had me banging my head
> against the desk more often than not. Today I'm finally crying uncle and
> asking for some help.
 
> [chas@ldapsandbox]$ ldapwhoami -x -D
> 'uid=chas,ou=People,dc=test,dc=domain' -W
> Enter LDAP Password:
> ldap_bind: Invalid credentials (49)
> [chas@ldapsandbox]$
>
> syslog shows this:
 
> 2012-01-25T12:04:55-08:00 ldapsandbox slapd[14363]: SASL [conn=6]
> Failure: cannot connect to saslauthd server: No such file or directory
 
> Meanwhile, the saslauthd I'm running with /usr/sbin/saslauthd -a
> kerberos5 -d doesn't even show a connection or anything to the console.
> Any idea why it can't connect to the saslauthd server?
 
> And here's my /etc/sasl2/slapd.conf:
>
> pwcheck_method: saslauthd
> saslauthd_path: /var/run/sasl2/mux

Verify (with netstat) that saslauthd is listening on '/var/run/sasl2/mux',
and verify the user/group that slapd is running under has permissions to
access /var/run/sasl2.

--
Dan White