<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body style="color: rgb(0, 0, 0); font-size: 14px; font-family: Calibri, sans-serif; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">
<div>Hello, I am trying to set up Cyrus sasl so I can use it for pass-through authentication with OpenLDAP. The OS is SUSE sles11 and I thought I'd start with what is already there preinstalled (v.2.1.22)</div>
<div>I am trying to authenticate against Active Directory 2008.</div>
<div>My configuration file looks like:</div>
<div><br>
</div>
<div>
<div>ldap_servers: ldap://hamwdc01.niwa.local/</div>
<div>ldap_search_base: DC=niwa=,DC=local</div>
<div>ldap_scope: sub</div>
<div>ldap_sasl_mech: plain</div>
<div>ldap_auth_method: bind</div>
<div>ldap_bind_dn: "CN=SDT Tester,OU=NIWA Staff Accounts,OU=User Accounts,DC=niwa,DC=local"</div>
<div>ldap_password: mypassword</div>
<div>ldap_filter: (dn=%u)</div>
<div><br>
</div>
<div>When I try authenticate using testsaslauthd</div>
<div>I get:</div>
<div>>Authentication failed for some-user: Bind to ldap server failed (invalid user/password or insufficient access) (-7)</div>
<div><br>
</div>
<div>If I try a ldap_<span style="font-style: italic">bind_</span>dn of the form <a href="mailto:sdttester@niwa.local">
sdttester@niwa.local</a> in the config file I get:</div>
<div>Authentication failed for some-user: Retry condition (ldap server connection reset or broken) (-3)</div>
<div><br>
</div>
<div>This is all very puzzling, as I can ldapsearch perfectly fine with any valid user I chose in either form (DN or userPrincipalName)</div>
<div><br>
</div>
<div>Is it possible that this installation of cyrus has not been compiled with ldap support? I would expect a bit more feedback.</div>
<div><br>
</div>
<div>I have thought about building my own version cyrus, but I have run into problems with versioning (I think)</div>
<div>Make fails:</div>
<div><br>
</div>
<div>
<div>make all-recursive</div>
<div>make[1]: Entering directory `/home/turekg/cyrus-sasl-2.1.25'</div>
<div>Making all in include</div>
<div>make[2]: Entering directory `/home/turekg/cyrus-sasl-2.1.25/include'</div>
<div>make[2]: Nothing to be done for `all'.</div>
<div>make[2]: Leaving directory `/home/turekg/cyrus-sasl-2.1.25/include'</div>
<div>Making all in sasldb</div>
<div>make[2]: Entering directory `/home/turekg/cyrus-sasl-2.1.25/sasldb'</div>
<div>/bin/sh ../libtool --mode=compile gcc -DHAVE_CONFIG_H -I. -I.. -I../include -I../include -I/usr/local/BerkeleyDB.5.2/include -DOBSOLETE_CRAM_ATTR=1 -Wall -W -g -O2 -MT db_berkeley.lo -MD -MP -MF .deps/db_berkeley.Tpo -c -o db_berkeley.lo db_berkeley.c</div>
<div>gcc -DHAVE_CONFIG_H -I. -I.. -I../include -I../include -I/usr/local/BerkeleyDB.5.2/include -DOBSOLETE_CRAM_ATTR=1 -Wall -W -g -O2 -MT db_berkeley.lo -MD -MP -MF .deps/db_berkeley.Tpo -c db_berkeley.c -fPIC -DPIC -o db_berkeley.lo</div>
<div>db_berkeley.c: In function 'berkeleydb_open':</div>
<div>db_berkeley.c:82: warning: passing argument 3 of 'utils->getcallback' from incompatible pointer type</div>
<div>db_berkeley.c:107: warning: passing argument 2 of '(*mbdb)->open' from incompatible pointer type</div>
<div>db_berkeley.c:107: warning: passing argument 4 of '(*mbdb)->open' makes pointer from integer without a cast</div>
<div>db_berkeley.c:107: error: too few arguments to function '(*mbdb)->open'</div>
<div>db_berkeley.c: In function '_sasl_check_db':</div>
<div>db_berkeley.c:371: warning: passing argument 3 of 'utils->getcallback' from incompatible pointer type</div>
<div>make[2]: *** [db_berkeley.lo] Error 1</div>
<div>make[2]: Leaving directory `/home/turekg/cyrus-sasl-2.1.25/sasldb'</div>
<div>make[1]: *** [all-recursive] Error 1</div>
<div>make[1]: Leaving directory `/home/turekg/cyrus-sasl-2.1.25'</div>
<div>make: *** [all] Error 2</div>
</div>
<div><br>
</div>
<div>I am very frustrated at this time and any help would be greatly appreciated! Thanx</div>
<div>Gaby</div>
<div><br>
</div>
<div><br>
</div>
<div> </div>
</div>
<div><br>
</div>
</body>
</html>