Cyrus-SASL + OpenLDAP

Edward Ashley ned at klesknet.com
Tue Aug 30 11:41:55 EDT 2005


Hi,
I have been trying for ages to try and get my configuration working 
using cyrus-sasl and openldap to no avail. Please can I have some help 
with this.
Basically I have an openldap directory with the domain name as the base 
directory, then an openexchange schema on top of it. So for the users it 
looks like this:

ou=Users,ou=OxObjects,dc=example.com

I have a line in the ldap config like this:

sasl-regexp uid=(.*),cn=(.*),cn=DIGEST-MD5,cn=auth uid=$1,ou=Users,ou=OxObjects,dc=$2

so that I can have multiple domains, with SASL authenticating to 
different domains. I basically want to have cyrus-imap with multiple 
domains, with each domain having a user list in ldap.

However whenever I try and do testsaslauthd -u user -p password -r 
example.com it comes back saying no authentication failed. I have set 
cyrus-sasl to use ldap, and checked that ldap support is compiled into 
it. I have added the line:

ldap_servers: ldap://127.0.0.1/

to my /etc/saslauthd.conf file.

I am using CentOS 4 (a RHEL4 clone), and have included info from my 
/etc/openldap/slapd.conf file below. My versions are as follows:
rpm -aq | grep cyrus
cyrus-sasl-plain-2.1.19-5.EL4
cyrus-sasl-devel-2.1.19-5.EL4
cyrus-sasl-md5-2.1.19-5.EL4
cyrus-imapd-2.2.12-3.RHEL4.1
cyrus-sasl-2.1.19-5.EL4
cyrus-imapd-utils-2.2.12-3.RHEL4.1

Note: I recompiled openldap with the --enable-aci option.

rpm -aq | grep ldap
compat-openldap-2.1.30-2
openldap-devel-2.2.13-2
python-ldap-2.0.1-2
openldap-2.2.13-2
openldap-servers-2.2.13-2
openldap-servers-sql-2.2.13-2
php-ldap-4.3.9-3.8
perl-ldap-0.31-1.2.el4.rf
openldap-clients-2.2.13-2
nss_ldap-226-6


include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/nis.schema
include         /etc/openldap/schema/openxchange.schema

allow bind_v2

sasl-regexp uid=(.*),cn=(.*),cn=DIGEST-MD5,cn=auth uid=$1,ou=Users,ou=OxObjects,dc=$2

pidfile         /var/run/slapd.pid
argsfile        /var/run/slapd.args

database        ldbm
suffix          "dc=example.com"
rootdn          "cn=Manager,dc=example.com"
directory      /var/lib/ldap

index   uid,mailEnabled,cn,sn,givenname,InetMailAccess,alias,loginDestination   eq,sub

Any help would be greatly appreciated.
Ned
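
The DN rewrite that the sasl-regexp line quoted in the message describes, as an added example that is not part of the original post or of OpenLDAP's code. Assumptions: Python's re module stands in for slapd's regex matching, STRICT_RULE is a hypothetical tighter variant of the posted rule, and the authentication DNs are constructed samples.

```python
import re

# Rule copied from the slapd.conf in the post: (match pattern, replacement).
PAGE_RULE = (r"uid=(.*),cn=(.*),cn=DIGEST-MD5,cn=auth",
             "uid=$1,ou=Users,ou=OxObjects,dc=$2")
# Assumed variant (not from the post): each capture stops at the next comma.
STRICT_RULE = (r"uid=([^,]*),cn=([^,]*),cn=DIGEST-MD5,cn=auth",
               "uid=$1,ou=Users,ou=OxObjects,dc=$2")


def map_auth_dn(auth_dn, rule):
    """Return the DN the rule rewrites auth_dn to, or None if it does not match."""
    pattern, replacement = rule
    # Assumption: unanchored, case-insensitive search as a stand-in for slapd.
    m = re.search(pattern, auth_dn, re.IGNORECASE)
    if m is None:
        return None
    # Expand $1..$9 in the replacement with the captured groups.
    return re.sub(r"\$(\d)", lambda ref: m.group(int(ref.group(1))), replacement)


# Constructed authentication DNs: uid=<user>,cn=<realm>,cn=<mechanism>,cn=auth
SAMPLES = [
    "uid=user,cn=example.com,cn=DIGEST-MD5,cn=auth",           # realm present
    "uid=user,cn=DIGEST-MD5,cn=auth",                          # no realm component
    "uid=user,cn=example.com,cn=PLAIN,cn=auth",                # other mechanism
    "uid=user,cn=extra,cn=example.com,cn=DIGEST-MD5,cn=auth",  # unexpected extra component
]

if __name__ == "__main__":
    for dn in SAMPLES:
        print(dn)
        print("   page rule   ->", map_auth_dn(dn, PAGE_RULE))
        print("   strict rule ->", map_auth_dn(dn, STRICT_RULE))
```

Only the first sample maps to an entry under ou=Users,ou=OxObjects,dc=example.com with both rules; the last one shows the greedy (.*) capture absorbing a comma, which the comma-excluding variant refuses to match.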



