[Date Prev][Date Next] [Chronological] [Thread] [Top]

saslauxprop and libldapdb, auxpropfunc error -7

Hello everyone:

I'm not quite sure if this belongs on this list or the Cyrus-SASL list, but thought I'd start here.

I would like to have services that use SASL authentication (specifically Cyrus IMAP) be capable of CRAM-MD5 and DIGEST-MD5 authentication with the users password being stored in OpenLDAP, instead of the standard /etc/sasldb. My goal is to be able to have one store for usernames and passwords that I can use across multiple services (i.e., login, Cyrus IMAP, Squid, etc).

If I understand correctly, I the way to do this is with the Cyrus "auxprop" mechanism. In the "contrib" directory of the OpenLDAP (version 2.1.12) distribution, there is Howard Chu's libldapdb plugin. I've attempted to follow his instructions on compiling and installing it, and as far as I can tell, I've been successful.

However I have no joy when trying to us it. When I start slapd, I immediately note an error in my system log

Phoenicia slapd[9847]:  auxpropfunc error -7

I get the same error as soon as my IMAP server tries to authenticate a user. I see no messages from the console where slapd is running in debug mode (256). Running the IMAP server in gdb, and using the "show info" command, it does not appear that the libldapdb library is loaded. My assumption is that I've not compiled it correctly. I've been less than successful in finding much other documentation around for doing this. If anyone knows of some, It would be helpful. Once I muddle my way though this, I'll post the procedure.

Pertinent info:

RedHat 8.0 on Intel (dual PIII)
Cyrus SASL 2.1.12
OpenLDAP 2.1.14
Berkeley DB 4.1.25
Openssl 0.9.7a

Thanks for any insight or help.