[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Postfix 2.0.16 CRAM/DIGEST-MD5 SMTP AUTH

Tony Earnshaw wrote:

ldapsearch  -ZZ -Y digest-md5 -U admin -X u:tonni -H ldap:/// -w
adminpassword 'objectclass=*' dn

Hmmm ... it doesn't. cram-md5 does, but you've already told me that it's not what I'm looking for.

SASL/DIGEST-MD5 authentication started
ldap_sasl_interactive_bind_s: Insufficient access (50)
    additional info: SASL(-14): authorization failure: not authorized

I wonder why. You've already got me reading the relevant bits of ldapsearch and slapd.conf, so that I now understand better what's going on and why.

Reading the Admin guide (right at the end) really does work wonders. How many times have I urged others to do so?

Now if I do:

sasl-regexp uid=(.*),cn=.*,cn=auth "ldap:///dc=billy,dc=demon,dc=nl??sub?uid=admin";

instead of

sasl-regexp uid=(.*),cn=.*,cn=auth "ldap:///dc=billy,dc=demon,dc=nl??sub?uid=$1";

ldapsearch  -ZZ -Y digest-md5 -U admin -X u:tonni -H ldap:/// -w
adminpassword 'objectclass=*' dn

works. For some reason, the regexp $1 isn't working.

And Howard's ldapdb auxprop 1.9 still doesn't work, get the same fault.


Tony Earnshaw

Once the camel's head has entered your tent,
it's very difficult to stop the rest of the
animal from following it

Mail: billy-at-billy.demon.nl