[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP authenticate the username/password with MS-AD?

To: OSHIM <mhoshim@gmail.com>
Subject: Re: OpenLDAP authenticate the username/password with MS-AD?
From: Dan White <dwhite@olp.net>
Date: Tue, 20 Jul 2010 10:54:28 -0500
Cc: Jonathan Clarke <jonathan@phillipoux.net>, "andrew.findlay@skills-1st.co.uk" <andrew.findlay@skills-1st.co.uk>, "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Content-disposition: inline
In-reply-to: <0CF2D837-A11D-42AD-9B61-929CDF593B5D@gmail.com>
References: <4C442DFA.4030405@phillipoux.net> <65EE30A8-5409-4842-8991-D252A3442473@gmail.com> <20100719155742.GD2510@dan.olp.net> <B21B9007-3B6D-4376-80D0-1C20CCF4A300@gmail.com> <20100719185833.GF2510@dan.olp.net> <31B870B2-74E4-41CE-88DB-9D36F3049CAC@gmail.com> <20100720133138.GB2519@dan.olp.net> <5F6A9764-0385-488E-A459-ECFED07DC96B@gmail.com> <20100720143505.GE2519@dan.olp.net> <0CF2D837-A11D-42AD-9B61-929CDF593B5D@gmail.com>
User-agent: Mutt/1.5.18 (2008-05-17)

On 20/07/10 21:19 +0600, OSHIM wrote:

i am trying it on same server. so my client and server is same.


To further troubleshoot:

Add something like 'auth.debug /var/log/auth.log' to your syslog
configuration.

Add 'log_level: 7' to /usr/lib/sasl2/slapd.conf

Run saslauthd in debugging mode, with the '-d' option.

On Jul 20, 2010, at 8:35 PM, Dan White wrote:

On 20/07/10 19:45 +0600, OSHIM wrote:

ldapsearch -LLL -x -H ldap://localhost -s "base" -b "" supportedSASLMechanisms
dn:
supportedSASLMechanisms: ANONYMOUS
supportedSASLMechanisms: LOGIN
supportedSASLMechanisms: NTLM
supportedSASLMechanisms: PLAIN
supportedSASLMechanisms: DIGEST-MD5
supportedSASLMechanisms: CRAM-MD5

also i have this line "sasl-secprops none" in to my /etc/ldap/slapd.conf


With the same error or a different one?

If you're getting the same error, make sure that you have the SASL PLAIN
mechanism installed on your client system. Use pluginviewer/saslpluginvewer
to get a list. If you don't, you may need to install additional binary
packages provided by your OS vendor.

Using ldapwhomi is probably better at this point, and will help you work
out your authz-regexp statements.


--
Dan White

Follow-Ups:
- Re: OpenLDAP authenticate the username/password with MS-AD?
  - From: OSHIM <mhoshim@gmail.com>

References:
- Re: OpenLDAP authenticate the username/password with MS-AD?
  - From: Jonathan Clarke <jonathan@phillipoux.net>
- Re: OpenLDAP authenticate the username/password with MS-AD?
  - From: OSHIM <mhoshim@gmail.com>
- Re: OpenLDAP authenticate the username/password with MS-AD?
  - From: Dan White <dwhite@olp.net>
- Re: OpenLDAP authenticate the username/password with MS-AD?
  - From: OSHIM <mhoshim@gmail.com>
- Re: OpenLDAP authenticate the username/password with MS-AD?
  - From: Dan White <dwhite@olp.net>
- Re: OpenLDAP authenticate the username/password with MS-AD?
  - From: OSHIM <mhoshim@gmail.com>
- Re: OpenLDAP authenticate the username/password with MS-AD?
  - From: Dan White <dwhite@olp.net>
- Re: OpenLDAP authenticate the username/password with MS-AD?
  - From: OSHIM <mhoshim@gmail.com>
- Re: OpenLDAP authenticate the username/password with MS-AD?
  - From: Dan White <dwhite@olp.net>
- Re: OpenLDAP authenticate the username/password with MS-AD?
  - From: OSHIM <mhoshim@gmail.com>

Prev by Date: Re: So I finally upgraded from slurpd...
Next by Date: Re: OpenLDAP authenticate the username/password with MS-AD?
Index(es):
- Chronological
- Thread