ldapdb: error: invalid parameter supplied
Dan Nicholson
dbn.lists at gmail.com
Sat Apr 22 16:44:54 EDT 2006
On 4/22/06, Dan Nicholson <dbn.lists at gmail.com> wrote:
> On 4/22/06, Dan Nicholson <dbn.lists at gmail.com> wrote:
> >
> > Patrick, I'm going to assume that I have the same setup as you since I
> > took mine entirely from the Book of Postfix. I was having the same
> > problems with openldap-2.3.x, but I think I've solved the problem.
> > The big thing was getting the regexp in /etc/openldap/slapd.conf to
> > work correctly. Now, ldapwhoami checks out as well as ldapdb
> > authorization through the cyrus-sasl client/server utilities.
>
> I lied. That worked when I only had one user under ou=people. Now I
> have two, and one authenticates and one doesn't. I'm baffled. Here's
> some output trying to authenticate through ldapwhoami with the
> troublesome user.
>
> $ ldapwhoami -Y DIGEST-MD5 -U proxy -X u:dan
> SASL/DIGEST-MD5 authentication started
> Please enter your password:
> ldap_sasl_interactive_bind_s: Insufficient access (50)
> additional info: SASL(-14): authorization failure: not authorized
Changing my proxy user authzTo to this regex solved the ldapwhoami problem.
authzTo: dn.regex:uid=[^,]*,ou=people,dc=foo,dc=com
cyrus-sasl-2.1.21 server/client utilities now work too with ldapdb.
--
Dan
More information about the Cyrus-sasl
mailing list