[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Postfix 2.0.16 CRAM/DIGEST-MD5 SMTP AUTH

Igor Brezac wrote:

You cannot use cram-md5, it does not support proxy authorization.  Use

O.k. digest-md5, then. I distrust plain, even with STARTTLS.

You can make this one regex

sasl-regexp uid=(.*),cn=.*,cn=auth


make sure the follwing works:

ldapsearch  -ZZ -Y digest-md5 -U admin -X u:tonni -H ldap:/// -w
adminpassword 'objectclass=*' dn

Hmmm ... it doesn't. cram-md5 does, but you've already told me that it's not what I'm looking for.

SASL/DIGEST-MD5 authentication started
ldap_sasl_interactive_bind_s: Insufficient access (50)
	additional info: SASL(-14): authorization failure: not authorized

I wonder why. You've already got me reading the relevant bits of ldapsearch and slapd.conf, so that I now understand better what's going on and why.

I shall have to keep on reading. Thanks, Igor. I'll come back if I can't work it out for myself. Maybe tomorrow.


Tony Earnshaw

Once the camel's head has entered your tent,
it's very difficult to stop the rest of the
animal from following it

Mail: billy-at-billy.demon.nl