[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SASL Authentication

Ammar T. Al-Sayegh wrote:

There is a long list of libs in /usr/lib/sasl2.
Which one should I delete?

Now I realize that it will check methods according
to listed libs in certain order. Since I had previous
installation of sasl2, the old libs were there even
though I have the --disable option. So I deleted the
whole /usr/lib/sasl2 directory and recompiled. Now
I get SASL/DIGEST-MD5 as default.

New problem though, the autentication is failing for

# ldapwhoami -U root
SASL/DIGEST-MD5 authentication started
Please enter your password: ldap_sasl_interactive_bind_s: Internal
       (implementation specific) error (80)
           additional info: SASL(-13):
               user not found: no secret in database

But I started saslauthd as:

   saslauthd -a shadow

and root does exist in the shadow file. So why does it
think that it's doesn't exist?

I'm moving from shadow to ldap, but I wanted to verify
with shadow first before I migrate to ldap.

Problems with Cyrus SASL should be directed to the mailing lists managed by the Cyrus project. If you have not gotten the Cyrus SASL sample-client and sample-server working yet then you have a broken SASL config, and how to fix that does not belong on the OpenLDAP-software mailing list.

 -- Howard Chu
 Chief Architect, Symas Corp.       Director, Highland Sun
 http://www.symas.com               http://highlandsun.com/hyc
 Symas: Premier OpenSource Development and Support