
SASL authentication with open ldap



Dear Philip, Greg, Tony, Louis and the list,

Thanks for the guidance so far. I have had a little success but am still
some way from my target.
Here I am describing everything.

1> I have executed "saslpasswd2  admin" to create the user admin in the
sasldb2

2> "sasldblistusers2"   shows as below

                     admin@linux.kolkatainfoservices.in: userPassword

3> Now, when the command *ldapsearch -H ldaps://* asks for the password, I
gave the admin password stored in sasldb2,
  and now it is working.

4> I may be allowed to provide the log here
  =======================================================
Mar 12 12:26:12 linux slapd[6783]: conn=2 fd=15 ACCEPT from
IP=127.0.0.1:36689 (IP=0.0.0.0:636)
Mar 12 12:26:12 linux slapd[6783]: conn=2 fd=15 TLS established
tls_ssf=256 ssf=256
Mar 12 12:26:12 linux slapd[6783]: conn=2 op=0 SRCH base="" scope=0
deref=0 filter="(objectClass=*)"
Mar 12 12:26:12 linux slapd[6783]: conn=2 op=0 SRCH
attr=supportedSASLMechanisms
Mar 12 12:26:12 linux slapd[6783]: conn=2 op=0 SEARCH RESULT tag=101
err=0 nentries=1 text=
Mar 12 12:26:12 linux slapd[6783]: conn=2 op=1 BIND dn="" method=163
Mar 12 12:26:12 linux slapd[6783]: conn=2 op=1 RESULT tag=97 err=14 text=
Mar 12 12:26:12 linux ldapsearch: DIGEST-MD5 client step 2
Mar 12 12:26:14 linux ldapsearch: DIGEST-MD5 client step 2
Mar 12 12:26:14 linux slapd[6783]: conn=2 op=2 BIND dn="" method=163
Mar 12 12:26:14 linux slapd[6783]: conn=2 op=2 BIND authcid="admin"
authzid="admin"
Mar 12 12:26:14 linux slapd[6783]: conn=2 op=2 BIND
dn="uid=admin,cn=digest-md5,cn=auth" mech=DIGEST-MD5 ssf=128
Mar 12 12:26:14 linux slapd[6783]: conn=2 op=2 RESULT tag=97 err=0 text=
Mar 12 12:26:14 linux ldapsearch: DIGEST-MD5 client step 3
Mar 12 12:26:14 linux slapd[6783]: conn=2 op=3 SRCH
base="ou=Users,dc=kolkatainfoservices,dc=in" scope=2 deref=0
filter="(objectClass=*)"
Mar 12 12:26:14 linux slapd[6783]: conn=2 op=3 SEARCH RESULT tag=101
err=0 nentries=7 text=
Mar 12 12:26:14 linux slapd[6783]: conn=2 op=4 UNBIND
Mar 12 12:26:14 linux slapd[6783]: conn=2 fd=15 closed
==============================================================

please note the ["uid=admin,cn=digest-md5,cn=auth" mech=DIGEST-MD5 ssf=128]

5> BUT when I added an entry for Manager (as per root dn) and provide the
password of Manager, it is not working.
It is not even working for any other users which I have added in
sasldb2.


How can I fix the problem?

PS: Here is my LDIF as an attachment.

dn: dc=kolkatainfoservices,dc=in
objectClass: domain
dc: kolkatainfoservices
structuralObjectClass: domain

dn: ou=adrbook-GER,dc=kolkatainfoservices,dc=in
ou: adrbook-GER
objectClass: top
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit

dn: ou=adrbook-IND,dc=kolkatainfoservices,dc=in
ou: adrbook-IND
objectClass: top
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit

dn: ou=Users,dc=kolkatainfoservices,dc=in
ou: Users
objectClass: top
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit

dn: ou=Passwd,dc=kolkatainfoservices,dc=in
ou: Passwd
objectClass: top
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit

dn: ou=Groups,dc=kolkatainfoservices,dc=in
ou: Groups
objectClass: top
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit
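
For reading a log like the one in step 4, an added example (not part of the original post): a small Python parser that rejoins the mail-wrapped syslog lines and summarises each SASL bind, showing the two-step DIGEST-MD5 exchange (err=14, saslBindInProgress, then err=0) and the DN that slapd derived from the SASL identity. The function names are this example's own, and the sample lines are copied from the log above.

```python
import re

# Lines copied from the slapd log in the post, e-mail line wrapping included.
SAMPLE = """\
Mar 12 12:26:12 linux slapd[6783]: conn=2 op=1 BIND dn="" method=163
Mar 12 12:26:12 linux slapd[6783]: conn=2 op=1 RESULT tag=97 err=14 text=
Mar 12 12:26:14 linux slapd[6783]: conn=2 op=2 BIND dn="" method=163
Mar 12 12:26:14 linux slapd[6783]: conn=2 op=2 BIND authcid="admin"
authzid="admin"
Mar 12 12:26:14 linux slapd[6783]: conn=2 op=2 BIND
dn="uid=admin,cn=digest-md5,cn=auth" mech=DIGEST-MD5 ssf=128
Mar 12 12:26:14 linux slapd[6783]: conn=2 op=2 RESULT tag=97 err=0 text=
"""

STAMP = re.compile(r"^[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d ")
EVENT = re.compile(r"slapd\[\d+\]: conn=(\d+) op=(\d+) (BIND|RESULT) (.*)$")
FIELD = re.compile(r'(\w+)=("[^"]*"|\S*)')
# LDAP result codes relevant to a bind (RFC 4511)
CODES = {0: "success", 14: "saslBindInProgress", 49: "invalidCredentials"}

def rejoin(text):
    """Merge wrapped continuation lines back onto their syslog record."""
    records = []
    for line in text.splitlines():
        if STAMP.match(line) or not records:
            records.append(line.strip())
        elif line.strip():
            records[-1] += " " + line.strip()
    return records

def sasl_binds(text):
    """Return one summary dict per (conn, op) bind operation, in log order."""
    ops = {}
    for rec in rejoin(text):
        m = EVENT.search(rec)
        if not m:
            continue
        key = (int(m[1]), int(m[2]))
        fields = {k: v.strip('"') for k, v in FIELD.findall(m[4])}
        if m[3] == "BIND":
            entry = ops.setdefault(key, {"conn": key[0], "op": key[1]})
            entry.update({k: v for k, v in fields.items() if v})  # skip dn=""
        elif key in ops and "err" in fields:  # RESULT of a bind seen earlier
            err = int(fields["err"])
            ops[key]["result"] = CODES.get(err, f"err={err}")
    return list(ops.values())
```

In the summary, `method=163` marks a SASL bind, and the `dn` field is the identity slapd assigned to the connection after authentication.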