[Date Prev][Date Next] [Chronological] [Thread] [Top]

Cyrus IMAP/SASLV2 -> salsauthd -> PAM -> LDAP; indexing uid? (ITS#1713)

I have Cyrus IMAP 2.1.3 + SASLV2 2.1.2 deployed and clients
authenticate via "saslauthd" with auth mechanism "PAM" which in 
turn looks into "/etc/pam.d/imap" utilizing module "pam_ldap-140"
to check an LDAP repository (OpenLDAP 2.0.23). 

The PAM module "pam_ldap" interrogates the LDAP schema via the "uid"
attribute and if a matching "uid" is found passes the "userPassword"
attribute value to PAM for password verification. To provide for lookup
efficiency, I configured LDAP to ->

		"index uid eq"

However, with indexing on attribute "uid" set, authentication fails. If
LDAP attribute "uid" is not indexed, authentication is successful.

Any ideas of what could be occurring? What maybe ill-configured?