[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: cmusaslsecretPLAIN attribute



John Burian <john@burian.org> writes:

> I'm running RedHat EL 5 with stock RPMs for OpenLDAP, Cyrus SASL and
> OpenSSL:
>
> OpenLDAP 2.3.27
> Cyrus-SASL 2.1.22
> OpenSSL 0.9.8b
>
> I've created a CA on the server, used that to sign a cert, and put the
> appropriate entries in slapd.conf (to use the cert) and in ldap.conf
> (to trust the CA). If I run 'ldapwhoami:
>
> $ ldapwhoami
> SASL/PLAIN authentication started
> Please enter your password:
> ldap_sasl_interactive_bind_s: Invalid credentials (49)
>         additional info: SASL(-13): user not found: Password
>         verification failed

>From your remarks on CA and certificate a assume that you want to use
TLS, while your ldapwhoami seems to indicate that you want to make use
of PLAIN mechanism, which is disabled by default, unless you
provide a secure transport method, that is either TLS or local socket.
Unless you provide more information on the parameters used, no advice
can be given.

-Dieter 

-- 
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:8EF7B6C6