[Date Prev][Date Next]
Re: saslauxprop and libldapdb, auxpropfunc error -7
On Thursday, March 6, 2003, at 01:53 PM, Igor Brezac wrote:
On Thu, 6 Mar 2003, Joe Rhodes wrote:
Howard, Igor, Rob, et. al.,
I've tried applying the changes as Howard suggested below. It has
succeeded in preventing the "auxpropfunc error -7" message from
up when Cyrus IMAP invokes the SASL library to do a user/password
verification. However, there is still no bind (or any activity for
that matter) with slapd. It just reports an error "SASL(-13): user
found: checkpass failed" in the system log. I guess at this point
at least expecting it to query the ldap server, even if it isn't
successful. My imap.conf file is as so (per previous
admins: cyrus root
sasl_ ldapdb_id: admin
sasl_ ldapdb_pw: password
sasl_ ldapdb_mech: PLAIN
This should work, I assume extra spaces is just a typo.
Are you certain the plugin is contacting the ldap server
(ldap://127.0.0.1)? If this is the case, can 'ldapdb_id: admin' be
for proxy authorization privileges to every account that is allowed to
Actually, no, my plugin is NOT contacting the server, running on the
same host. I've tried using both
As of yet, I have not been able to get the Cyrus SASL plugin to query
the server at all. I'm running slapd with debug of 256. This seems to
splash plenty of info in the console window anytime an application
queries it (say, Netscape Mail, for instance).
Which are the extra spaces you speak of?
Is there some way to get more error messages out of the auxprop plugin?
Perhaps if I could see what it thinks it has for arguments, what it's
trying to do when it fails, etc. Right now all I have is that it
doesn't contact OpenLDAP and can't find the user [SASL (-13)user not
found: checkpass failed]
Up to this point, I've applied the patches Howard Chu offered earlier
to get rid of the "auxpropfunc error -7" messages. I no longer get
that message when an SASL-enabled server tries to use the auxprop
Have others gotten this to work? If they have, then I must be missing
something here. Once I do (if I do) get this working, I intend to
document the adventure. I'd guess that this would be pertinent to
others that use similar software (sendmail and Cyrus IMAP) who want to
use a more secure method of password exchange/authentication.
Thanks for everyone's help thus far.