
Re: OpenLDAP with SASL not working

I think my issue was that only root could read /etc/sasl2/slapd.conf.
Seems to be working now...


On 6/4/15 1:43 PM, Aaron Richton wrote:
On Wed, 3 Jun 2015, Don Fike wrote:


I am using OpenLDAP 2.4.39 with SASL 2.1.23 on CentOS 6.6.
I have set up this CentOS server with the same configuration as I have on a working RedHat 6.6 server.
However with this CentOS server the SASL combination is not working.
Using LDAP without SASL with an SSHA password authentication works.
When using pass-through SASL I see an err=49 in the slapd output and the client sees Invalid Credentials.
I see no output in saslauthd when run in debug when using LDAP.
Running testsaslauthd alone works as expected and this does generate output in the saslauthd debug terminal.
It appears that saslauthd never gets the request from slapd.
Any suggestions on how to debug this further in order to determine why it is not working would be appreciated.

To pass LDAP Simple Bind credentials to saslauthd, you'll need to use the {SASL} password scheme (compiled with --enable-spasswd -- see the OpenLDAP FAQ-O-Matic).

This doesn't enable SASL Binds, however; for that, you'll need passwords in the directory.
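
The permission problem reported at the top of this message (only root could read /etc/sasl2/slapd.conf) can be checked with a short script. This is an added example, not part of the original thread; the function names are hypothetical, and the `ldap` account in the usage comment is an assumption about which user slapd runs as.

```shell
#!/bin/sh
# Added example (not from the thread): can a service account read a config file?
# Uses mode bits only; supplementary groups, POSIX ACLs and SELinux are ignored.
# Requires GNU stat (as on CentOS) and an absolute path.

# perm_ok PATH UID GID BIT: true if the permission class that applies to
# UID/GID grants BIT (4 = read, 1 = search/execute).
perm_ok() {
    p_path=$1; p_uid=$2; p_gid=$3; p_bit=$4
    p_stat=$(stat -c '%u %g %a' "$p_path") || return 2
    set -- $p_stat                      # owner uid, group gid, octal mode
    [ "$p_uid" -eq 0 ] && return 0      # root bypasses mode bits
    p_mode=$((0$3))                     # parse the octal mode string
    if [ "$p_uid" -eq "$1" ]; then p_cls=$(( (p_mode >> 6) & 7 ))
    elif [ "$p_gid" -eq "$2" ]; then p_cls=$(( (p_mode >> 3) & 7 ))
    else p_cls=$(( p_mode & 7 )); fi
    [ $(( p_cls & p_bit )) -ne 0 ]
}

# readable_by FILE UID GID: every parent directory must be searchable and
# the file itself readable.
readable_by() {
    r_file=$1; r_uid=$2; r_gid=$3
    r_dir=$(dirname "$r_file")
    while :; do
        perm_ok "$r_dir" "$r_uid" "$r_gid" 1 ||
            { echo "uid $r_uid cannot traverse $r_dir" >&2; return 1; }
        case $r_dir in /|.) break ;; esac
        r_dir=$(dirname "$r_dir")
    done
    perm_ok "$r_file" "$r_uid" "$r_gid" 4 ||
        { echo "uid $r_uid cannot read $r_file" >&2; return 1; }
}

# Usage (account name is an assumption): sh check.sh /etc/sasl2/slapd.conf ldap
if [ $# -eq 2 ]; then
    readable_by "$1" "$(id -u "$2")" "$(id -g "$2")" && echo "$2 can read $1"
fi
```

If the check fails on the file itself, granting group read to the slapd account's group (mode 640) fixes it without making the file world-readable.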