
SOLVED Re[4]: SASL MD5 - another try



Hello Dieter,

Friday, July 18, 2003, 2:45:19 PM, you wrote:

>> >>     How to store secrets in LDAP?
>> DK> You may use ldappasswd, or create an *.ldif file, or use a graphical
>> DK> tool like GQ or Ldapbrowser.
>>     No, I mean how to store SASL secrets in LDAP DB? Maybe I should do
>>     some configuration over SASL?
DK> It just struck my mind that your problem might be a sasl realm.
DK> As default, sasl takes host.domain.tld as realm, unless defined
DK> otherwise. 
DK> Could you test with the cyrus-sasl test suite, if the sasl
DK> authentication string contains the sasl-realm you provide in your
DK> saslRegexp?

    Bingo! You're a genius! It's authorising me! Finally!

    It works with regexp

sasl-regexp uid=(.*),cn=DIGEST-MD5,cn=auth
    uid=$1,node=33(10),ou=users,dc=startatom,dc=ru

    Now the next question - how can I modify this regexp, so that not only
    users that are attached to node=33(10) can authorise? I've tried to
    put it like

sasl-regexp uid=(.*),cn=DIGEST-MD5,cn=auth
    uid=$1,node=(.*),ou=users,dc=startatom,dc=ru

    ...but I get a "user not found" error here. I don't want to store all
    users in one 'node' or 'ou'. How should I fix this one?

-- 
Best regards,
 Alexander                            mailto:lan_mailing@startatom.ru
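
Added example, not part of the original message and not OpenLDAP code: a simplified Python model of how a sasl-regexp line is applied, showing why a "(.*)" in the replacement stays literal text in the mapped DN. The user name and realm are constructed; the ldap:/// line uses OpenLDAP's search-based mapping form and is an assumption about what the installed slapd version supports.

```python
import re

# Pattern and the two replacements are taken from the message above.
PATTERN = r"uid=(.*),cn=DIGEST-MD5,cn=auth"
FIXED = "uid=$1,node=33(10),ou=users,dc=startatom,dc=ru"
WILDCARD = "uid=$1,node=(.*),ou=users,dc=startatom,dc=ru"
# Assumption: search-based mapping, replacement given as an LDAP URL.
SEARCH = "ldap:///ou=users,dc=startatom,dc=ru??sub?(uid=$1)"

AUTH_DN = "uid=alexander,cn=DIGEST-MD5,cn=auth"  # constructed sample
REALM_DN = "uid=alexander,cn=example.com,cn=DIGEST-MD5,cn=auth"  # constructed


def sasl_regexp_map(auth_dn, pattern, replacement):
    """Model: only the pattern is a regex; the replacement is a plain
    template in which $N is swapped for capture group N."""
    m = re.search(pattern, auth_dn)
    if m is None:
        return None
    return re.sub(r"\$(\d)", lambda g: m.group(int(g.group(1))), replacement)


def describe(mapped):
    """Classify the mapped string: a DN used verbatim, or a search to run."""
    if mapped is None:
        return ("no-match", None)
    if mapped.startswith("ldap:///"):
        base, _attrs, scope, filt = mapped[len("ldap:///"):].split("?")
        return ("search", {"base": base, "scope": scope, "filter": filt})
    return ("dn", mapped)


if __name__ == "__main__":
    for label, repl in (("fixed", FIXED), ("wildcard", WILDCARD),
                        ("search", SEARCH)):
        print(label, describe(sasl_regexp_map(AUTH_DN, PATTERN, repl)))
    # With a realm in the authentication DN, the greedy (.*) swallows it too;
    # uid=([^,]*) would stop at the first comma instead.
    print("realm", describe(sasl_regexp_map(REALM_DN, PATTERN, FIXED)))
```

The wildcard replacement yields a DN containing the literal RDN node=(.*), which no entry has, hence "user not found". A search-based mapping only succeeds when the filter matches exactly one entry, so uid must be unique under ou=users.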