[Date Prev][Date Next] [Chronological] [Thread] [Top]

Issues in implementing SASL

To: openldap-technical@openldap.org
Subject: Issues in implementing SASL
From: Gaurav Gugnani <gugnanigaurav@gmail.com>
Date: Mon, 30 Jan 2012 17:55:38 +0530
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; bh=hj7+gNeGZbiOC/XL1tdfrBi+wutIlTKnaBF/9hJ1tJo=; b=Z4q7KB52kmK63+Ua6wOZMkIxxyOr28wWI7iAPdteaNQYuCDJsX+R1rLKVOTPM6syWn EUG1Y/FjD3cgWEudMOWLd26w8wQVVtgCXNS+fhANMhpeSmqmkOPrcdvkuiqjAmIc/l7i HJYNwowMhxpEXVrC+MSdlEejCx/wDH5RO0Sjs=

Hello All,

I'm trying to configure SASL on openldap and did following steps:

1> Modify the password of the user:
     saslpasswd2 -c -u <realm> <username>
2> Then i modify slapd.conf:
    sasl-regexp uid=(.*),cn=<realm>,cn=DIGEST-MD5,cn=auth uid=$1,ou=System,o=<realm>
3> After this i try to do ldapsearch and it gave me an error:
    ldap_bind: Server is unwilling to perform (53)
        additional info: unauthenticated bind (DN with no password) disallowed

Somewhere i read that we have to provide SASL information in slapd.conf however when i write below mentioned content - then ldap doesn't re-start.
dn:uid=<username>,ou=System,o=<realm>
bindmethod=sasl
saslmech=DIGEST-MD5
credentials=<password>
realm=<realm>

Please help in resolving SASL mechanism to be used.

Thanks and Regards,
Gaurav Gugnani

Follow-Ups:
- Re: Issues in implementing SASL
  - From: Dieter KlÃnter <dieter@dkluenter.de>

Prev by Date: Search on whole tree gives result, search on subtree not
Next by Date: Re: Search on whole tree gives result, search on subtree not
Index(es):
- Chronological
- Thread