problems with cyrus sasl ldap pam authentication
Dmitriy Kirhlarov
dkirhlarov at oilspace.com
Tue Sep 20 12:01:10 EDT 2005
On Tue, Sep 20, 2005 at 05:53:22PM +0300, nikolay.nenchev at rbb.bg wrote:
> Also log from auth.log is:
> Sep 20 17:42:23 localhost saslauthd[9440]: pam_ldap: ldap_search_s No such
> object
> Sep 20 17:42:23 localhost saslauthd[9440]: DEBUG: auth_pam:
> pam_authenticate failed: Permission denied
> Sep 20 17:42:23 localhost saslauthd[9440]: do_auth : auth failure:
> [user=cyrus] [service=imap] [realm=] [mech=pam] [reason=PAM auth error]
Use high debug level.
Look in your /etc/ldap.conf
My worked config:
uri ldap://localhost/
base ou=users,o=oilspace
ldap_version 3
pam_filter objectClass=posixAccount
pam_login_attribute uid
pam_password md5
ssl start_tls
tls_cacertfile /etc/openldap/ssl/cacert.pem
tls_checkpeer yes
# Password is stored in /etc/ldap.secret (mode 600)
rootbinddn xxxxx
scope sub
nss_base_passwd ou=users,o=oilspace?sub?objectClass=posixAccount
nss_base_shadow ou=users,o=oilspace?sub?objectClass=posixAccount
nss_base_group ou=groups,o=oilspace?sub?objectClass=posixGroup
WBR
--
Dmitriy Kirhlarov
OILspace, 26 Leninskaya sloboda, bld. 2, 2nd floor, 115280 Moscow, Russia
P:+7 095 105 7247 F:+7 095 105 7246 E:DmitriyKirhlarov at oilspace.com
OILspace - The resource enriched - www.oilspace.com
More information about the Cyrus-sasl
mailing list