
How to configure openLDAP with SASL Digest-MD5



Hello,

I have openLDAP-2.1.25 with simple authentication
(without SSL/TLS) working fine on my machine, RedHat
Linux 9.0, kernel 2.4.20-8.

I'm now trying to incorporate the SASL Digest-MD5
authentication on it. I have followed the 'SASL
Configuration: Digest-MD5' guide from LDAP Linux HOWTO
but still can't get it right.

My Cyrus SASL 2.1.15 is installed by using the
following configuration:
# CPPFLAGS="-I/usr/local/include" LDFLAGS="-L/usr/local/lib" ./configure
where include and lib are directories of my Berkeley
db.

While the server is installed with the following
configuration:
# CPPFLAGS="-I/usr/local/include" LDFLAGS="-L/usr/local/lib" ./configure \
    --prefix=/usr --libexecdir=/usr/sbin --sysconfdir=/etc \
    --localstatedir=/var/run --enable-debug --disable-ipv6 \
    --with-cyrus-sasl --without-kerberos --without-tls \
    --enable-crypt --enable-passwd --enable-ldbm

I have successfully created the sasl user database
using 'saslpasswd2 -c admin' command.

However, the result of executing 'sasldblistusers2':
# sasldblistusers2
db failure
listusers failed

When I tried to see the content of the db:
# slapcat
Unrecognized database type (dbm)
slapcat: bad configuration file!

When I tried to add entries to the LDAP directory:
# slapadd -c -l ever.ldif -f slapd.conf -v -d 256
slapadd: line 6: database (dc=example,dc=com) not configured to hold "o=Ever"
slapadd: line 6: database (dc=example,dc=com) not configured to hold "o=ever"
slapadd: line 12: database (dc=example,dc=com) not configured to hold "ou=Staff,o=Ever"
slapadd: line 12: database (dc=example,dc=com) not configured to hold "ou=staff,o=ever"
slapadd: line 17: database (dc=example,dc=com) not configured to hold "ou=People,o=Ever"
slapadd: line 17: database (dc=example,dc=com) not configured to hold "ou=people,o=ever"
slapadd: line 27: database (dc=example,dc=com) not configured to hold "uid=admin,ou=Staff,o=Ever"
slapadd: line 27: database (dc=example,dc=com) not configured to hold "uid=admin,ou=staff,o=ever"
<= str2entry: str2ad(displayName): attribute type undefined
slapadd: could not parse entry (line=39)

1. Does anybody know what I did wrong here? I suspect
the database is not configured correctly, but I'm not
sure how to fix it.

2. What do I need to do to include SASL Digest-MD5
authentication in openLDAP?

Thanks,
--Lara

****************** slapd.conf ********************
/usr/local/etc/openldap/schema/core.schema

loglevel        256
pidfile         /usr/local/var/slapd.pid
argsfile        /usr/local/var/slapd.args

database        bdb
suffix          "dc=example,dc=com"
rootdn          "cn=Manager,dc=example,dc=com"
rootpw          secret

directory       /var/lib/ldap

sasl-regexp uid=(.*),cn=rdnt03,cn=DIGEST-MD5,cn=auth uid=$1,ou=People,o=Ever
*************************************************

***************** ever.ldif *********************
dn: o=Ever
o: Ever
description: Organization Root
objectClass: top
objectClass: organization

dn: ou=Staff, o=Ever
ou: Staff
description: These are privileged users that can interact with Organization products
objectClass: top
objectClass: organizationalUnit

dn: ou=People, o=Ever
ou: People
objectClass: top
objectClass: organizationalUnit

dn: uid=admin, ou=Staff, o=Ever
uid: admin
cn: LDAP Administrator
sn: admin
userPassword: {SHA}5en6G6MezRroT3XKqkdPOmY/BfQ=
objectClass: Top
objectClass: Person
objectClass: Organizationalperson
objectClass: Inetorgperson

dn: uid=admin,ou=People,o=Ever
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
userPassword: {SHA}5en6G6MezRroT3XKqkdPOmY/BfQ=
displayName: admin
mail: admin@eversystems.com.br
uid: admin
cn: Administrator
sn: admin
****************************************************

=====
--------------------------------------------------------------------- 
Believe in miracles, but don't depend upon them 
----------------------------------------------------------------------
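
Added example, not part of the original post: a small Python check that reads the suffix and sasl-regexp lines from the posted slapd.conf, lists which DNs from ever.ldif fall outside the configured suffix (the condition slapadd reports above), and shows where the sasl-regexp rule would map a DIGEST-MD5 authentication DN. The function names are hypothetical, the sample input is constructed from the post, and Python's re module stands in for slapd's regex matching as a simplifying assumption.

```python
import re

# Constructed sample input, taken from the slapd.conf and ever.ldif in the post.
SLAPD_CONF = '''database        bdb
suffix          "dc=example,dc=com"
sasl-regexp uid=(.*),cn=rdnt03,cn=DIGEST-MD5,cn=auth uid=$1,ou=People,o=Ever
'''
LDIF_DNS = ["o=Ever", "ou=Staff, o=Ever", "ou=People, o=Ever",
            "uid=admin, ou=Staff, o=Ever", "uid=admin,ou=People,o=Ever"]

def normalize(dn):
    """Lower-case and trim spaces around RDNs (simplified: no escaped commas)."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def parse_conf(text):
    """Return (suffixes, sasl_rules) found in slapd.conf text."""
    suffixes, rules = [], []
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        if fields[0].lower() == "suffix":
            suffixes.append(normalize(line.split(None, 1)[1].strip().strip('"')))
        elif fields[0].lower() == "sasl-regexp" and len(fields) == 3:
            rules.append((fields[1], fields[2]))
    return suffixes, rules

def held_by(dn, suffixes):
    """True if dn equals a configured suffix or sits below one."""
    ndn = normalize(dn)
    return any(ndn == s or ndn.endswith("," + s) for s in suffixes)

def map_sasl(authc_dn, rules):
    """Apply the first matching rule; $1..$9 are replaced by regex groups."""
    for pattern, repl in rules:
        m = re.fullmatch(pattern, authc_dn, re.IGNORECASE)
        if m:
            return re.sub(r"\$(\d)", lambda g: m.group(int(g.group(1))), repl)
    return None

def audit(conf_text, dns, authc_dn):
    """Return (DNs outside every suffix, mapped SASL DN, mapped DN is inside a suffix)."""
    suffixes, rules = parse_conf(conf_text)
    rejected = [dn for dn in dns if not held_by(dn, suffixes)]
    target = map_sasl(authc_dn, rules)
    return rejected, target, (target is not None and held_by(target, suffixes))

if __name__ == "__main__":
    print(audit(SLAPD_CONF, LDIF_DNS, "uid=admin,cn=rdnt03,cn=DIGEST-MD5,cn=auth"))
```

With the posted files, every LDIF entry and the sasl-regexp target are reported as outside the dc=example,dc=com suffix.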


