[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP authenticate the username/password with MS-AD?

On 20/07/10 21:19 +0600, OSHIM wrote:
i am trying it on same server. so my client and server is same.

To further troubleshoot:

Add something like 'auth.debug /var/log/auth.log' to your syslog

Add 'log_level: 7' to /usr/lib/sasl2/slapd.conf

Run saslauthd in debugging mode, with the '-d' option.

On Jul 20, 2010, at 8:35 PM, Dan White wrote:

On 20/07/10 19:45 +0600, OSHIM wrote:
ldapsearch -LLL -x -H ldap://localhost -s "base" -b "" supportedSASLMechanisms
supportedSASLMechanisms: ANONYMOUS
supportedSASLMechanisms: LOGIN
supportedSASLMechanisms: NTLM
supportedSASLMechanisms: PLAIN
supportedSASLMechanisms: DIGEST-MD5
supportedSASLMechanisms: CRAM-MD5

also i have this line "sasl-secprops none" in to my /etc/ldap/slapd.conf

With the same error or a different one?

If you're getting the same error, make sure that you have the SASL PLAIN
mechanism installed on your client system. Use pluginviewer/saslpluginvewer
to get a list. If you don't, you may need to install additional binary
packages provided by your OS vendor.

Using ldapwhomi is probably better at this point, and will help you work
out your authz-regexp statements.

Dan White