[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Can't get password passthrough to work with openldap

k pur <4krishan@gmail.com> writes:

> Hi,
>    I am trying to get Pass-Through authentication to work for password
>    verification.
>    Following the 'Pass-Through authentication' (14.5) in the openldap 2.4
>    admin guide, I hve configured saslauthd and slapd.conf (sasl) and
>    managed to successfully authenticate with Active Directory (AD) using 
>    the 'testsaslauthd' utility.
>    Setting a user password in my openldap database in the form
>    dn: uid=user,ou=org,dc=org.com
>    userPassword: {SASL}joe@ad.example.com
>    where joe@ad.example.com is the userPrincipalName defined for this
>    user in AD.
>    I can't authenticate, when using the ldapsearch command
>      $ ldapsearch -x -v -D 'uid=joe,ou=people,dc=myorg.com' -W -h ldaphost
>      Comes up with error (49)
>      I have enabled --enable-spasswd --with-cyrus-sasl when compiling openldap
>      Has anybody configured this type of setup successfully?
>      My question is - how do I configure my openldap server to talk to

You have to configure a sasl related slapd.conf, depending on you OS
this file might be either in /usr/lib/sasl2/slapd.conf or


Dieter Klünter | Systemberatung