[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slap_auxprop: attribute type undefined



"Ammar T. Al-Sayegh" <ammar@kunet.com> writes:

> Hi All,
>
> I just installed openldap-2.2.17 with LDAP
> auxprop plugin for SASL-enabled servers.
> However, authentication is not going through
> successfully. Following is the debug message
> where I think it's failing:
>
> slap_auxprop: str2ad(cmusaslsecretDIGEST-MD5): attribute type undefined
> send_ldap_result: conn=0 op=0 p=3
> SASL [conn=0] Failure: client response doesn't match what we generated
>
> I'm assuming that auxprop is trying to look
> for the password in the ldap directory, but
> it's not trying to match it with userPassword,
> but with cmusaslsecretDIGEST-MD5, which is
> a non-existent property. Is this what is
> happening?

No, cmusaslsecretDIGEST-MD5 is what it claims to be, a DIGEST-MD5
challenge, but the challenge, generated by slapd doesn't match the
challenge presented.   

 How can I correct this problem?
> Is there a way to force it to compare with
> userPassword?

make yourself familiar with shared secrets.

-Dieter

-- 
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:01443B53