[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Getting LDAP and SASL (digest-md5) to play nice

To: Rick Stevens <rps2@socal.rr.com>
Subject: Re: Getting LDAP and SASL (digest-md5) to play nice
From: Michael Ströder <michael@stroeder.com>
Date: Thu, 06 Mar 2008 11:10:00 +0100
Cc: openldap-software@openldap.org
In-reply-to: <47CF3B9C.4000102@socal.rr.com>
References: <47CF3B9C.4000102@socal.rr.com>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.12) Gecko/20080201 SeaMonkey/1.1.8

Rick Stevens wrote:

I'm sure I'm not the only person having this issue, but I absolutely
cannot seem to get SASL and LDAP to work.  I want SASL to authenticate
using the passwords in LDAP, but in the classic chicken-and-egg
scenario, you can't talk to LDAP without having SASL working first.


It works for me.

I have the authz-regexp stuff set up and the ldapwhoami seems to show me
as being converted from the "uid=username,cn=digest-md5,cn=auth" thing
to "uid=username,ou=people,dc=mydomain,dc=com", but ONLY if I've put a
user and password into the saslpasswd2 database.  If I don't do that,
I get invalid SASL credentials on the ldapwhoami.

I have no saslpasswd2 file at all. Make sure you store the password as clear-text in attribute userPassword.

Ciao, Michael.

References:
- Getting LDAP and SASL (digest-md5) to play nice
  - From: Rick Stevens <rps2@socal.rr.com>

Prev by Date: Re: Getting LDAP and SASL (digest-md5) to play nice
Next by Date: Re: null_callbacks after initial sync
Index(es):
- Chronological
- Thread