[Date Prev][Date Next]
Re: Authenticate to ldap using Kerberos
On 09/09/10 12:47 +0800, Wouter van Marle wrote:
Adding user `openldap' to group `sasl' ...
Adding user openldap to group sasl
(Did you restart slapd?)
The issue is that the /var/run/saslauthd directory, where the
saslauthd unix socket is located, is only accessible by group 'sasl' (and
drwx--x--- 2 root sasl 4096 2010-09-09 10:14 saslauthd
Still the same permission denied error message in syslog!
If I recall correctly, you mentioned running Postfix previously. Is it
running chrooted? Have you customized the location of your saslauthd mux?
If so, you'll need to add:
What's the output of /etc/default/saslauthd (minus the comments)?
Also, assuming IMAP is running on the same system, what's the output of:
grep sasl /etc/imapd.conf | sed 's/^sasl_//'
Is that substantially different from /usr/lib/sasl2/slapd.conf?
To trouble shoot, find out where saslauthd is listening:
# netstat -an | grep saslauthd
unix 2 [ ACC ] STREAM LISTENING 9712 /var/run/saslauthd/mux
Set your saslauthd_path appropriately:
(minus the /mux)
and correct any permissions problems to that directory. The mux itself
should have 777 permissions:
srwxrwxrwx 1 root root 0 2010-08-23 22:37 /var/run/saslauthd/mux