[Date Prev][Date Next]
Re: Proxy authorization fail with cyrus-sasl and postfix
> Julien Vehent <firstname.lastname@example.org> writes:
>> Hello list,
>> I am trying to authenticate my mail users against my ldap directory
>> 2.4.17, debian squeeze). I have setup proxy authorization for user
>> as follow:
>> in slapd.conf
>> # SASL proxy authorization rewrite rule
>> authz-regexp "^uid=([^,]+).*,cn=[^,]*,cn=auth$"
> This regexp requires a uid attribute type.
>> authz-policy to
>> ldif of user postfix
>> dn: cn=Postfix Administrator,ou=infrastructure,dc=linuxwall,dc=info
>> authzto: ldap:///dc=linuxwall,dc=info??sub?(objectClass=inetOrgPerson)
>> cn: Postfix Administrator
> unless you cut it, cn=Postfix Administrator has no uid attribute type,
This *should* have nothing to do, since binding as the Postfix
administrator succeeds, according to the logging he produced. What's
failing is the subsequent proxyauthz'ing (presumably as a user, but the
original posting did not produce enough info).