Cyrus-sasl & LDAP saslRegexp
Edward Ashley
ned at klesknet.com
Thu Sep 8 11:43:33 EDT 2005
Hi,
I was wondering if someone out there knows the solution to my problem. I
have configured an OpenLDAP with multiple DITs. And so there are
effectively 2 sets of users at the moment,
ou=Users,ou=OxObjects,dc=example.net &
ou=Users,ou=OxObjects,dc=example2.com.
I have also got the command ldapwhoami to work correctly for the default
domain. So when I run:
ldapwhoami -Y DIGEST-MD5 -U mailadmin
and put in the password, it's successful.
I'm using the expression:
saslRegexp uid=(.*),cn=DIGEST-MD5,cn=auth
    ldap:///ou=Users,ou=OxObjects,dc=example.net??sub?uid=$1
obviously this doesn't take account of the realm, so that I can use the
command:
ldapwhoami -Y DIGEST-MD5 -U mailadmin -R test.com
and it authenticates. However I would like to add another regexp
expression so that I could get people authenticating using the
realm/domain of example2.com. I have tried adding a regexp expression
like this:
saslRegexp uid=(.*),cn=example2.com,cn=DIGEST-MD5,cn=auth
    ldap:///ou=Users,ou=OxObjects,dc=example2.com??sub?uid=$1
however this doesn't seem to change any behaviour. When I try the command:
ldapwhoami -Y DIGEST-MD5 -U mailadmin -R example2.com
or
ldapwhoami -Y DIGEST-MD5 -U mailadmin@example2.com
the first expression will only authenticate with the default domain's
mailadmin password, and the second one doesn't authenticate at all.
Please help me solve this problem; if I have left anything out, then
please ask me,
Thanks
Ned
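
Added example, not part of the original message: a small Python simulation of how slapd evaluates saslRegexp rules of the shape shown above, where the first rule whose pattern matches the SASL authentication DN (uid=<user>[,cn=<realm>],cn=<mech>,cn=auth) is the one used. It assumes the two rules are listed in the order they appear in the post and uses Python's re module as a stand-in for slapd's regex matching; the reordered rule set and the function names are hypothetical.

```python
import re

NET = "ldap:///ou=Users,ou=OxObjects,dc=example.net??sub?uid=$1"
COM = "ldap:///ou=Users,ou=OxObjects,dc=example2.com??sub?uid=$1"

# Rules in the order they appear in the post (assumed: general rule first).
RULES_AS_POSTED = [
    (r"uid=(.*),cn=DIGEST-MD5,cn=auth", NET),
    (r"uid=(.*),cn=example2.com,cn=DIGEST-MD5,cn=auth", COM),
]

# Hypothetical alternative: realm-specific rule first, and the capture
# restricted to a single RDN value so it cannot swallow ",cn=<realm>".
RULES_REORDERED = [
    (r"uid=([^,]*),cn=example2.com,cn=DIGEST-MD5,cn=auth", COM),
    (r"uid=([^,]*),cn=DIGEST-MD5,cn=auth", NET),
]

def sasl_authn_dn(user, mech, realm=None):
    """Build the authentication DN slapd derives from a SASL bind.
    The cn=<realm> RDN is present only when a non-default realm is sent."""
    rdns = ["uid=" + user]
    if realm:
        rdns.append("cn=" + realm)
    return ",".join(rdns + ["cn=" + mech, "cn=auth"])

def map_identity(dn, rules):
    """Return the search URL from the first matching rule, or None.
    Matching is unanchored and case-insensitive (assumption of this model)."""
    for pattern, template in rules:
        m = re.search(pattern, dn, re.IGNORECASE)
        if m:
            return re.sub(r"\$(\d)", lambda g: m.group(int(g.group(1))), template)
    return None

if __name__ == "__main__":
    for realm in (None, "test.com", "example2.com"):
        dn = sasl_authn_dn("mailadmin", "DIGEST-MD5", realm)
        print(dn)
        print("  as posted :", map_identity(dn, RULES_AS_POSTED))
        print("  reordered :", map_identity(dn, RULES_REORDERED))
```

In this model the greedy (.*) in the general rule also matches a DN that carries a realm, so the realm-specific rule is never reached and $1 expands to "mailadmin,cn=example2.com". With the restricted capture, a realm that has no rule of its own maps to nothing.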