[Date Prev][Date Next]
SASL authentication and simple bind
I am using OpenLDAP (2.0.18) authenticating on a WinNT
domain PDC via SASL and PAM_winbind module
OpenLDAP ==> SASL ==> PAM ==> pam_winbind ==> NT PDC server
SASL mechanism used is PLAIN
SASL secprops has NONE value in 'ldap.conf 'and 'slapd.conf' files
When using 'ldapsearch' with SASL auth
(i.e. : 'ldapsearch -L -U MYNTDOMAIN_myntuid -b "mydc"....')
All works fine : the user NTDOMAIN_myntuid is correctly
authenticated on my WinNT PDC serveur, then ldapsearch
results are printed
Trace in system log confirms that pam_winbind module has
When I try ldapsearch with simple authentication (with -x and -W flags)
('ldapsearch -L -x -W -D "cn=myname,ou=people,dc=mydc" -b "mydc"....')
ldap_bind: Invalid credentials
my 'people' database has an entry
with a 'userPassword' attribute.
Slapd has SASL spassword enabled ( --enable-spaswd) (as mentionned in a
Kurt's message found in this mailing list history)
launching Slapd in debug mode (-d 255)
I can verify that the password is well typed.
But I can find PAM call trace in the system log. It seems that SASL doesn't
make the call to the PAM modules
What is misconfigured ? What am I doing wrong ?
Is the value syntax of the userPassword attribute not correct ?
Any help ?