
Re: Trying to get the ldapdb plugin working.



Hi, thanks a lot for answering. I'm still not there yet though :-)


> You need to have the following work:
> ldapsearch -h localhost -Y digest-md5 -U tarjei -w tarjei \
> -X u:<some_other_userid> -v '(objectClass=*)'
Ok, I managed that.
> > # in /usr/lib/sasl2:
> > cat /usr/lib/sasl2/slapd.conf
> > pwcheck_method: auxprop
> > auxprop_plugin: ldapdb
>                   ^^^^^^  This causing your hangs.
> Change to:
> auxprop_plugin: slapd
Thanks, I did that. Now using SASL with ldapsearches works.
> /usr/lib/sasl2/slapd.conf is really not needed in your setup.
Ok, I removed it.

> > in imapd.conf I got:
> > sasl_pwcheck_method: auxprop
> > sasl_auxprop_plugin: ldapdb
> > sasl_ldapdb_uri: ldap://localhost
> > sasl_ldapdb_id: tarjei
> > sasl_ldapdb_pw: tarjei
> > sasl_ldapdb_mech: Digest-MD5 login
> 
> 'login' mech will not work because it does not support proxy
> authorization.

Ok, I've removed login. 

Next, I need normal users to log in to the IMAP server. I'm using ispman
to manage my directory so my users have DNs like:
uid=tru_trude_com,ou=users,ispmanDomain=trude.com,o=ispman

so I have set up two extra regexes:
sasl-regexp uid=(.+),cn=DIGEST-MD5,cn=auth
uid=$1,ou=users,ispmanDomain=(.+),o=ispman

sasl-regexp uid=(.+),cn=(.+),cn=DIGEST-MD5,cn=auth
uid=$1,ou=users,ispmanDomain=(.+),o=ispman

They should cover all eventualities. When I run the command:

 imtest -v -p 143  -u tru_trude_com -w bbb ernaispman

I get:

Oct  8 17:47:41 erna slapd[13063]: conn=3 fd=7 ACCEPT from
IP=127.0.0.1:1360 (IP=:: 389)
Oct  8 17:47:41 erna slapd[13086]: conn=3 op=0 BIND dn="" method=163
Oct  8 17:47:41 erna slapd[13065]: conn=3 op=1 BIND dn="" method=163
Oct  8 17:47:41 erna slapd[13065]: SASL [conn=3] Error: unable to open
Berkeley db /etc/sasldb2: No such file or directory
Oct  8 17:47:41 erna last message repeated 2 times
Oct  8 17:47:41 erna slapd[13065]: conn=3 op=1 BIND authcid="tarjei"
Oct  8 17:47:41 erna slapd[13065]: conn=3 op=1 BIND
dn="uid=tarjei,ou=admins,o=ispman" mech=DIGEST-MD5 ssf=128
Oct  8 17:47:41 erna slapd[13065]: conn=3 op=3 SRCH
base="uid=tarjei,ou=admins,o=ispman" scope=0 filter="(objectClass=*)"
Oct  8 17:47:41 erna slapd[13065]: conn=3 op=3 SRCH attr=userPassword
cmusaslsecretDIGEST-MD5
Oct  8 17:47:41 erna slapd[13065]: conn=3 op=3 SEARCH RESULT tag=101
err=0 nentries=1 text=
Oct  8 17:47:41 erna slapd[13086]: conn=3 op=4 UNBIND
Oct  8 17:47:41 erna slapd[13086]: conn=3 fd=7 closed
Oct  8 17:47:57 erna slapd[13063]: conn=4 fd=7 ACCEPT from
IP=127.0.0.1:1361 (IP=:: 389)
Oct  8 17:47:57 erna slapd[13065]: conn=4 op=0 BIND dn="" method=163
Oct  8 17:47:57 erna slapd[13086]: conn=4 op=1 BIND dn="" method=163
Oct  8 17:47:57 erna slapd[13086]: SASL [conn=4] Error: unable to open
Berkeley db /etc/sasldb2: No such file or directory
Oct  8 17:47:57 erna last message repeated 2 times
Oct  8 17:47:57 erna slapd[13086]: conn=4 op=1 BIND authcid="tarjei"
Oct  8 17:47:57 erna slapd[13086]: conn=4 op=1 BIND
dn="uid=tarjei,ou=admins,o=ispman" mech=DIGEST-MD5 ssf=128
Oct  8 17:47:57 erna slapd[13086]: conn=4 op=3 SRCH
base="uid=tarjei,ou=admins,o=ispman" scope=0 filter="(objectClass=*)"
Oct  8 17:47:57 erna slapd[13086]: conn=4 op=3 SRCH attr=userPassword
cmusaslsecretDIGEST-MD5
Oct  8 17:47:57 erna slapd[13086]: conn=4 op=3 SEARCH RESULT tag=101
err=0 nentries=1 text=
Oct  8 17:47:57 erna slapd[13065]: conn=4 op=4 UNBIND
Oct  8 17:47:57 erna slapd[13065]: conn=4 fd=7 closed

I.e., what became of the user I wanted to log in as? What should I do to
get that part working?

Many thanks for your help.

Tarjei
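
Added example, not part of the original message: a Python approximation of how slapd applies sasl-regexp rules (rules tried in order, first match wins, $1..$9 substituted into the replacement, everything else in the replacement taken as literal text), run over the two rules as posted. The sample authentication DNs and the realm trude.com are constructed; Python's re stands in for slapd's POSIX regex engine, and case-insensitive matching is an assumption.

```python
import re

# The two sasl-regexp rules as posted in the message: (match, replace).
RULES = [
    (r"uid=(.+),cn=DIGEST-MD5,cn=auth",
     "uid=$1,ou=users,ispmanDomain=(.+),o=ispman"),
    (r"uid=(.+),cn=(.+),cn=DIGEST-MD5,cn=auth",
     "uid=$1,ou=users,ispmanDomain=(.+),o=ispman"),
]

def expand(replace, match):
    """Substitute $1..$9 from the match; all other text is copied literally."""
    def sub(ref):
        idx = int(ref.group(1))
        return (match.group(idx) or "") if idx <= match.re.groups else ""
    return re.sub(r"\$([1-9])", sub, replace)

def map_sasl_dn(auth_dn, rules=RULES):
    """Return (rule_index, mapped_dn) for the first matching rule, else None."""
    for i, (pattern, replace) in enumerate(rules):
        m = re.search(pattern, auth_dn, re.IGNORECASE)  # assumption: ICASE
        if m:
            return i, expand(replace, m)
    return None

def has_unexpanded_group(mapped):
    """True if regex group syntax such as (.+) survived into the result."""
    return re.search(r"\(\.[+*]\)", mapped) is not None

# Constructed SASL authentication DNs: one without and one with a realm.
SAMPLES = [
    "uid=tru_trude_com,cn=DIGEST-MD5,cn=auth",
    "uid=tru_trude_com,cn=trude.com,cn=DIGEST-MD5,cn=auth",
]

if __name__ == "__main__":
    for dn in SAMPLES:
        rule, mapped = map_sasl_dn(dn)
        flag = "  <-- literal (.+) left in DN" if has_unexpanded_group(mapped) else ""
        print(f"{dn}\n  rule {rule} -> {mapped}{flag}")
```

With a realm present, the greedy (.+) in the first rule also swallows the cn=<realm> component, so the second rule is never reached.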