
Re: Secret not in database



Seau Yeen Su wrote:
> 
> I have successfully installed cyrus-sasl-2.1.23 and openldap-2.3.27 plus
> BerkeleyDB.4.3 in my RHEL5.2 server. After the installation, I used
> saslpasswd2 -c to create an admin user:
> 
> saslpasswd2 -c admin

Do you actually have an entry with (uid=admin) in your LDAP server?

> After that, I thought of doing a search on the database with the command : 
> ldapsearch -H ldap:///localhost -Y DIGEST-MD5 -d 2 -U admin
> but it returned an error of :
> ldap_sasl_interactive_bind_s: Invalid credentials (49)
>         additional info: SASL(-13): user not found: no secret in database
> 
> When I did a check on /etc/, the sasldb2 file is there.
> I do not know and understand why it cannot find this user. Did I miss out
> anything? Below is an excerpt from my slapd.conf file
>
> password-hash {CLEARTEXT}
> authz-regexp uid=(.*),cn=synabase-dev5.synamatixdev.com,cn=DIGEST-MD5,cn=auth ldap:///dc=synamatixdev,dc=com??sub?uid=$1
> authz-regexp uid=(.*),cn=synabase-dev5.synamatixdev.com,cn=DIGEST-MD5,cn=auth uid=$1

You don't need /etc/sasldb2 if you want to use authz-regexp. Simply create an
LDAP entry below your search root dc=synamatixdev,dc=com with attribute
uid set to admin and userPassword set in clear-text.

Ciao, Michael.

-- 
Michael Ströder
E-Mail: michael@stroeder.com
http://www.stroeder.com
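
Added example, not part of the original thread or of OpenLDAP: a simplified Python model of how the two authz-regexp rules quoted above rewrite the SASL name for `-U admin` into an LDAP search, and why the bind only has a usable secret when that search finds exactly one entry with a clear-text userPassword. The directory contents, the `ou=people` container, the user `carol` and the "leading `{` means hashed" test are constructed assumptions for illustration.

```python
import re
REALM = "synabase-dev5.synamatixdev.com"
# authz-regexp rules from the slapd.conf excerpt, in file order (first match wins).
RULES = [
    (r"uid=(.*),cn=synabase-dev5.synamatixdev.com,cn=DIGEST-MD5,cn=auth",
     "ldap:///dc=synamatixdev,dc=com??sub?uid=$1"),
    (r"uid=(.*),cn=synabase-dev5.synamatixdev.com,cn=DIGEST-MD5,cn=auth",
     "uid=$1"),
]
# Constructed sample directory (not from the thread): DN -> attributes.
DIRECTORY = {
    "uid=admin,ou=people,dc=synamatixdev,dc=com": {"uid": "admin", "userPassword": "constructed-clear"},
    "uid=carol,ou=people,dc=synamatixdev,dc=com": {"uid": "carol", "userPassword": "{SSHA}constructed"},
}

def map_sasl_dn(sasl_dn, rules=RULES):
    """Return (rule_index, replacement) for the first rule matching the SASL DN."""
    for i, (pattern, replacement) in enumerate(rules):
        m = re.search(pattern, sasl_dn, re.IGNORECASE)
        if m:  # substitute $1..$9 with the captured groups
            return i, re.sub(r"\$(\d)", lambda r: m.group(int(r.group(1))), replacement)
    return None, None

def resolve(target, directory=DIRECTORY):
    """Resolve a plain DN or an ldap:///base??scope?filter URL to one entry DN."""
    if not target.startswith("ldap:///"):
        return target if target in directory else None
    base, _attrs, _scope, flt = target[len("ldap:///"):].split("?")
    attr, value = flt.strip("()").split("=", 1)
    hits = [dn for dn, entry in directory.items()
            if dn.lower().endswith(base.lower())
            and entry.get(attr, "").lower() == value.lower()]
    return hits[0] if len(hits) == 1 else None  # the search must hit exactly one entry

def check_user(username, realm=REALM):
    """Say whether a DIGEST-MD5 bind as `username` could find a usable secret."""
    sasl_dn = f"uid={username},cn={realm},cn=DIGEST-MD5,cn=auth"
    _, target = map_sasl_dn(sasl_dn)
    entry_dn = resolve(target) if target else None
    if entry_dn is None:
        return "no entry"
    password = DIRECTORY[entry_dn].get("userPassword", "")
    if not password or password.startswith("{"):
        return "no clear-text password"
    return "ok"

if __name__ == "__main__":
    for user in ("admin", "carol", "nobody"):
        print(user, "->", check_user(user))
```

Because both rules share the same pattern, the second (`uid=$1`) is never reached in this model; only the search URL from the first rule is ever used.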