[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slap_auxprop: attribute type undefined [Resolved]



Ammar T. Al-Sayegh wrote:

It checks for both. You can just ignore the reference to cmusaslsecret* unless you really want to use it. In Cyrus SASL 2, mechanism-specific passwords are deperecated anyway and really only needed for the OTP mech.

Your problem here is simply that the value computed from userPassword doesn't match what the user typed in. Remember that Cyrus and the ldapdb plugin only works if the userPassword is stored in plain text, not in any hashed format.


Issue resolved using the following mapping rule in slapd.conf:

sasl-regexp
   uid=(.*),cn=DIGEST-MD5,cn=auth
   uid=$1,ou=People,dc=mydomain,dc=com

Just thought of mentioning it here in case other people fall
into the same problem again, which is neither well-documented
nor it is intuitive to resolve.

Seems you haven't read the Administrator's Guide. http://www.openldap.org/doc/admin22/sasl.html

--
 -- Howard Chu
 Chief Architect, Symas Corp.       Director, Highland Sun
 http://www.symas.com               http://highlandsun.com/hyc
 Symas: Premier OpenSource Development and Support