[Date Prev][Date Next]
Re: Problem with openldap 2.0.6 and SASL [follow-up]
Went to CVS and got most recent, cutting-edge, sasl.c and recompiled
slapd. This DID NOT resolve the problem. Also, though I've tried a
number of variations of arguments with ldapadd without success, the
variation that seems the most correct to me is:
ldapadd -f cheshire-init.ldif -D "firstname.lastname@example.org"
It still fails, as below, with the error "Insufficient Access" which
means I successfully authenticated but the server doesn't think I'm
authorized. Also, one other thing I forgot to mention. Immediately
after ldapadd prompts me and I enter my password, it prints out "SASL
SSF: 0". Where is the ssf of 0 coming from? I've tried seeting
"security ssf=56" in slapd.conf, and that doesn't make any difference.
--On 10/28/00 06:01:18 PM -0700 Rob Tanner
I installed openldap-2.0.6 with SASL support of redhat 6.2. It build
and test without a hitch. In running configure, I included the
"--with-cyrus-sasl" and the "--enable-spasswd" parameters. In
slapd.conf, I've included the following lines:
sasl-secprops noanonymous minssf=56
But when I try to use ldapadd, no combination of options that I tried
would work. After I entered my password (mech=CRAM-MD5), ldapadd
would return with the error "Insufficient Access".
I know SASL is ok. I installed and configured it on the same machine
several months ago and it gets used continuously for Cyrus IMAP and
AUTH SMTP. The docs are all pretty sparse, so I wouldn't be
surprised if I'm just doing something wrong.
All suggestions appreciated. Thanks.
_ _ _ _ _ _ _ _ _ _
/\_\_\_\_\ /\_\ /\_\_\_\_\_\
/\/_/_/_/_/ /\/_/ \/_/_/_/_/_/ QUIDQUID LATINE DICTUM SIT,
/\/_/__\/_/ __ /\/_/ /\/_/ PROFUNDUM VIDITUR
/\/_/_/_/_/ /\_\ /\/_/ /\/_/
/\/_/ \/_/ /\/_/_/\/_/ /\/_/ (Whatever is said in Latin
\/_/ \/_/ \/_/_/_/_/ \/_/ appears profound)