[Date Prev][Date Next] [Chronological] [Thread] [Top]

Cyrus IMAP/SASLV2 -> salsauthd -> PAM -> LDAP; indexing uid? (ITS#1713)

To: openldap-its@OpenLDAP.org
Subject: Cyrus IMAP/SASLV2 -> salsauthd -> PAM -> LDAP; indexing uid? (ITS#1713)
From: consulting@ocns.com
Date: Tue, 2 Apr 2002 15:56:29 GMT

I have Cyrus IMAP 2.1.3 + SASLV2 2.1.2 deployed and clients
authenticate via "saslauthd" with auth mechanism "PAM" which in 
turn looks into "/etc/pam.d/imap" utilizing module "pam_ldap-140"
to check an LDAP repository (OpenLDAP 2.0.23). 

The PAM module "pam_ldap" interrogates the LDAP schema via the "uid"
attribute and if a matching "uid" is found passes the "userPassword"
attribute value to PAM for password verification. To provide for lookup
efficiency, I configured LDAP to ->

		"index uid eq"

However, with indexing on attribute "uid" set, authentication fails. If
LDAP attribute "uid" is not indexed, authentication is successful.

Any ideas of what could be occurring? What maybe ill-configured?

	
RB

Prev by Date: RE: ITS#1570 slapd crashes during search query
Next by Date: Memory allocation bug in SASL code (ITS#1714)
Index(es):
- Chronological
- Thread