Re: Postfix 2.0.16 CRAM/DIGEST-MD5 SMTP AUTH

[Tony Earnshaw <tonni@billy.demon.nl>]

Tony Earnshaw wrote:

> > ldapsearch  -ZZ -Y digest-md5 -U admin -X u:tonni -H ldap:/// -w
> > adminpassword 'objectclass=*' dn
>
>
> Hmmm ... it doesn't. cram-md5 does, but you've already told me that it's 
> not what I'm looking for.
>
> SASL/DIGEST-MD5 authentication started
> ldap_sasl_interactive_bind_s: Insufficient access (50)
>     additional info: SASL(-14): authorization failure: not authorized
>
> I wonder why. You've already got me reading the relevant bits of 
> ldapsearch and slapd.conf, so that I now understand better what's going 
> on and why.

Reading the Admin guide (right at the end) really does work wonders. How 
many times have I urged others to do so?

Now if I do:

sasl-regexp uid=(.*),cn=.*,cn=auth 
"ldap:///dc=billy,dc=demon,dc=nl??sub?uid=admin";

instead of

sasl-regexp uid=(.*),cn=.*,cn=auth 
"ldap:///dc=billy,dc=demon,dc=nl??sub?uid=$1";

ldapsearch  -ZZ -Y digest-md5 -U admin -X u:tonni -H ldap:/// -w
adminpassword 'objectclass=*' dn

works. For some reason, the regexp $1 isn't working.

And Howard's ldapdb auxprop 1.9 still doesn't work, get the same fault.

--Tonni

--
Tony Earnshaw

Once the camel's head has entered your tent,
it's very difficult to stop the rest of the
animal from following it

http://www.billy.demon.nl
Mail: billy-at-billy.demon.nl