[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP with SASL not working

To: Michael Ströder <michael@stroeder.com>, openldap-technical@openldap.org
Subject: Re: OpenLDAP with SASL not working
From: Don Fike <fike@icl.utk.edu>
Date: Thu, 04 Jun 2015 10:05:38 -0400
In-reply-to: <55705875.3040607@stroeder.com>
References: <556F7105.1040505@icl.utk.edu> <55705875.3040607@stroeder.com>
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.7.0

It appears that my issue was related to permissions on the file/etc/sasl2/slapd.conf being rw for root only.

Thanks for the reply,

On 6/4/15 9:53 AM, Michael Ströder wrote:

Don Fike wrote:

I am using OpenLDAP 2.4.39 with SASL 2.1.23 on CentOS 6.6.
I have setup this CentOS server with the same configuration as I have on a
working RedHat 6.6 server.
However with this CentOS server the SASL combination is not working.
Using LDAP without SASL with a SSHA password authentication works.
When using pass-through SASL I see a err=49 in the slapd output and the client
sees Invalid Credentials.
I see no output in saslauthd when run in debug when using LDAP.
Running testsaslauthd alone works as expected and this does generate output in
the saslauthd debug terminal.
It appears that saslauthd never gets the request from slapd.
Any suggestions on how to debug this further in order to determine why it is
not working appreciated.

Current SASL implementation requires clear-text passwords to be stored in
attribute 'userPassword' even for mech PLAIN.

Ciao, Michael.

References:
- OpenLDAP with SASL not working
  - From: Don Fike <fike@icl.utk.edu>
- Re: OpenLDAP with SASL not working
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: Re: AW: OLC permissions - general beginner question
Next by Date: Re: how do I add olcDbCachesize to my ldap
Index(es):
- Chronological
- Thread