[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re[2]: SASL MD5 - another try

Hello Dieter,

Thursday, July 17, 2003, 11:20:40 PM, you wrote:

>> DK> Are you shure, your saslRegexp are correctly set? 
>>     I've already send to list my config, see earlier messages in this
>>     thread. Here is regexp
>> sasl-regexp uid=(.*),cn=startatom.ru,cn=digest-md5,cn=auth
>>         uid=$1,none=33(10),ou=users,dc=startatom,dc=ru
DK> AFAIK regular expressions are case sensitiv, that is the sasl
DK> mechanism should read cn=DIGEST-MD5.

    Now that's it! At least now it asks for password :) Thanks for
    opening my eyes!

DK> For testing purposes just try 
DK> sasl-regexp uid=(.*),cn=startatom,cn=*,cn=auth

    I've tried also this, but - see below.

DK> is node=33(10) a typo? or is in your sasl-regexp a typo.

    In sasl-regexp was a typo. And also uppercase of DIGEST-MD5. Now
    i have

ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80)
        additional info: SASL(-13): user not found: no secret in database

    And with -d -1 in the log i don't see, that sasl-regexp are even
    touched - it something like searches for user in sasldb only, but
    that's not what i'm expecting :( All in vain :(

    Once again - now with SASL working - should i compile ldapdb
    auxprop plugin? The only thing i want is to get rid of sasldb and,
    as it said in Admin's Guide, store secrets in LDAP itself. Or
    should i somehow modify LDAP structure? Or should i do what?

    How to store secrets in LDAP?

Best regards,
 Alexander                            mailto:lan_mailing@startatom.ru