[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: SASL authentication, user not found

To: <OpenLDAP-software@OpenLDAP.org>
Subject: RE: SASL authentication, user not found
From: "Karl Lattimer" <k.lattimer@nnc-consultancy.co.uk>
Date: Sat, 22 Mar 2003 18:06:05 -0000
Importance: Normal
Organization: No Nonsense Computer Consultancy

In reply to Howard Chu;

The Cyrus documentation states that the default SASL realm is the FQDN of
the host. This is the value that slapd uses. It appears from your
sasldblistusers output that your realm is not fully qualified. This kind of
mismatch is known to cause the user lookups to fail.

Also, the -X option for ldapsearch is only needed for proxy authorization.
Normally you would just use -U to bind with a specific username.

I've tried setting the realm to LSiaB, I'm now using; 

ldapsearch -U 'dn: uid=testuser,cn=LSiaB,cn=DIGEST-MD5,cn=auth' -b
'o=lsiab.lan' '(objectclass=*)'

With the SASL regexp set to (In reply to Tony Earnshaw);

sasl-regexp
        "uid=(.*),cn=LSiaB,cn=DIGEST-MD5,cn=auth"
        "uid=$1,ou=test,o=lsiab.lan"
#       "ldap:///o=lsiab.lan??sub?=uid=$1";

The # is there because I've been trying both with every thing I've changed.

Any other suggestions??

Follow-Ups:
- RE: SASL authentication, user not found
  - From: Tony Earnshaw <tonni@billy.demon.nl>
- RE: SASL authentication, user not found
  - From: "Howard Chu" <hyc@highlandsun.com>

Prev by Date: RE: slurpd and tls replication
Next by Date: RE: slapd-bdb cachesize
Index(es):
- Chronological
- Thread