SASL2 + remote openldap?
Andreas Winkelmann
ml at awinkelmann.de
Sat Jul 8 01:24:06 EDT 2006
On Saturday 08 July 2006 01:57, Jim John wrote:
> Hello. I am unsure if SASL2 is able to communicate with my remote LDAP. I
> ran it with /usr/sbin/saslauthd -a ldap, but I get "saslauthd[29495]:
> do_auth : auth failure: [user=myuser1] [service=imap] [realm=]
> [mech=ldap] [reason=Unknown]" and " plaintext myuser1 SASL(-13):
> authentication failure: checkpass failed".
>
> I think the problem is that it is not connecting to my remote ldap because
> the remote ldap has no log of a connection. I did not create a certificate
> for binding to the remote ldap. I used a certificate I created for a local
> ldap. Is that the reason? Do I need to specify a port or a port that
> supports SSL in /etc/sasl2/saslauthd.conf?
Are you sure that saslauthd reads the file? Maybe it looks in another path.
Stop saslauthd and change the start options.
Add "-O /etc/sasl2/saslauthd.conf"
> Also, how does SASL2 know which node to search for the username and which
> attribute for the password? Do I need to add the location of the subtree
> for the search to the /etc/sasl2/saslauthd.conf beyond just the base? I am
> using a qmail schema. Thanks for any help.
All options are described in "LDAP_SASLAUTHD", at least in the original
tarball in "./saslauthd/LDAP_SASLAUTHD".
> Here is my saslauthd.conf file
>
> ldap_servers: ldap://my.remote.address/
> ldap_bind_dn: cn=Manager,dc=My.Remote.LDAP,dc=com
> ldap_bind_pw: mypassword
> ldap_search_base:
--
Andreas
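
A pre-flight check for the saslauthd.conf quoted above, added here as an example and not part of the original thread or of Cyrus SASL: it flags an empty ldap_search_base, a plain ldap:// connection without ldap_start_tls, TLS without ldap_tls_check_peer, and a world-readable file that holds ldap_bind_pw. The function names and finding labels are made up for this example; the option names are the ones documented in LDAP_SASLAUTHD.

```shell
#!/bin/sh
# Added example (not from the thread): lint a saslauthd LDAP config file.
# Usage: sh this_script /etc/sasl2/saslauthd.conf

# Print the value of option $2 in file $1 (last occurrence, blanks trimmed).
conf_get() {
    sed -n "s/^[[:space:]]*$2:[[:space:]]*//p" "$1" | sed 's/[[:space:]]*$//' | tail -n 1
}

# True when a boolean value reads as enabled (assumed forms: yes, true, 1, on).
is_on() {
    case $1 in y*|t*|1*|on) return 0 ;; *) return 1 ;; esac
}

# One finding per line; status 0 = clean, 1 = findings, 2 = file unreadable.
lint_saslauthd_conf() {
    conf=$1 rc=0
    [ -r "$conf" ] || { echo "UNREADABLE $conf"; return 2; }
    servers=$(conf_get "$conf" ldap_servers)
    starttls=$(conf_get "$conf" ldap_start_tls)
    if [ -z "$(conf_get "$conf" ldap_search_base)" ]; then
        echo "EMPTY_BASE ldap_search_base has no value"; rc=1
    fi
    # Plain ldap:// without StartTLS sends bind DN and passwords in cleartext.
    case $servers in
        *ldap://*) is_on "$starttls" || { echo "CLEARTEXT ldap:// without ldap_start_tls"; rc=1; } ;;
    esac
    # With ldaps:// or StartTLS, the peer check must be on to verify the server.
    case $servers in *ldaps://*) tls=yes ;; *) tls=$starttls ;; esac
    if is_on "$tls" && ! is_on "$(conf_get "$conf" ldap_tls_check_peer)"; then
        echo "TLS_NOVERIFY ldap_tls_check_peer is off"; rc=1
    fi
    # The file stores ldap_bind_pw, so it should not be world-readable.
    if [ -n "$(conf_get "$conf" ldap_bind_pw)" ] &&
       [ -n "$(find "$conf" -prune -perm -004)" ]; then
        echo "WORLD_READABLE file with ldap_bind_pw is readable by everyone"; rc=1
    fi
    return $rc
}

if [ $# -gt 0 ]; then lint_saslauthd_conf "$1"; fi
```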