[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: SOLVED Re[4]: SASL MD5 - another try

You mights try to put something like that:
	sasl-regexp uid=(.*),cn=DIGEST-MD5,cn=auth

Have a good time,
Andrey Nepomnyaschih

-----Original Message-----
From: owner-openldap-software@OpenLDAP.org
[mailto:owner-openldap-software@OpenLDAP.org] On Behalf Of Alexander
Sent: Friday, July 18, 2003 5:39 PM
To: openldap-software@OpenLDAP.org
Subject: SOLVED Re[4]: SASL MD5 - another try

Hello Dieter,

Friday, July 18, 2003, 2:45:19 PM, you wrote:

>> >>     How to store secrets in LDAP?
>> DK> You may use ldappasswd, or create an *.ldif file, or use a 
>> DK> graphical tool like GQ or Ldapbrowser.
>>     No, i mean how to store SASL secrets in LDAP DB? Maybe i should
>>     some configuration over SASL?
DK> It just struck my mind, that your problem might be a sasl realm. As 
DK> default, sasl takes host.domain.tld als realm, unless defined 
DK> otherwise. Could you test with the cyrus-sasl test suite, if the 
DK> sasl authentification string contains the sasl-realm, you provide in

DK> your saslRegexp?

    Bingo! You're genie! It's authorising me! Finally!

    It works with regexp

sasl-regexp uid=(.*),cn=DIGEST-MD5,cn=auth

    Now next question - how can i modify this regexp, so not only
    users that attached to node=33(10) can authorise? I've tried to
    put it like

sasl-regexp uid=(.*),cn=DIGEST-MD5,cn=auth

    ...but "user not found" error in here. I don't want to store all
    users in one 'node' or 'ou'. How should i fix this one?

Best regards,
 Alexander                            mailto:lan_mailing@startatom.ru