[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Issues in implementing SASL

Am Mon, 30 Jan 2012 17:55:38 +0530
schrieb Gaurav Gugnani <gugnanigaurav@gmail.com>:

> Hello All,
> I'm trying to configure SASL on openldap and did following steps:
> 1> Modify the password of the user:
>      saslpasswd2 -c -u <realm> <username>
> 2> Then i modify slapd.conf:
>     sasl-regexp uid=(.*),cn=<realm>,cn=DIGEST-MD5,cn=auth
> uid=$1,ou=System,o=<realm>
> 3> After this i try to do ldapsearch and it gave me an error:
>     ldap_bind: Server is unwilling to perform (53)
>         additional info: unauthenticated bind (DN with no password)
> disallowed
> Somewhere i read that we have to provide SASL information in
> slapd.conf however when i write below mentioned content - then ldap
> doesn't re-start. dn:uid=<username>,ou=System,o=<realm>
> bindmethod=sasl
> saslmech=DIGEST-MD5
> credentials=<password>
> realm=<realm>
> Please help in resolving SASL mechanism to be used.

you should not store the user password by means of saslpasswd2.
Just create an LDAP entry and add a plaintext password to this entry,
preferably by means of ldappasswd(1).


Dieter KlÃnter | Systemberatung
GPG Key ID:DA147B05