ldapdb: error: invalid parameter supplied

Tuan Van tvan at santafefixtures.com
Sat May 6 13:47:06 EDT 2006


Dan Nicholson wrote:
> On 4/22/06, Dan Nicholson <dbn.lists at gmail.com> wrote:
>> On 4/22/06, Dan Nicholson <dbn.lists at gmail.com> wrote:
>>> Patrick, I'm going to assume that I have the same setup as you since I
>>> took mine entirely from the Book of Postfix.  I was having the same
>>> problems with openldap-2.3.x, but I think I've solved the problem.
>>> The big thing was getting the regexp in /etc/openldap/slapd.conf to
>>> work correctly.  Now, ldapwhoami checks out as well as ldapdb
>>> authorization through the cyrus-sasl client/server utilities.
>> I lied.  That worked when I only had one user under ou=people.  Now I
>> have two, and one authenticates and one doesn't.  I'm baffled.  Here's
>> some output trying to authenticate through ldapwhoami with the
>> troublesome user.
>>
>> $ ldapwhoami -Y DIGEST-MD5 -U proxy -X u:dan
>> SASL/DIGEST-MD5 authentication started
>> Please enter your password:
>> ldap_sasl_interactive_bind_s: Insufficient access (50)
>>         additional info: SASL(-14): authorization failure: not authorized
> 
> Changing my proxy user authzTo to this regex solved the ldapwhoami problem.
> 
> authzTo: dn.regex:uid=[^,]*,ou=people,dc=foo,dc=com
> 
> cyrus-sasl-2.1.21 server/client utilities now work too with ldapdb.
> 
> --
> Dan

does postfix work with {CRYPT} password in LDAP?

TIA
Tuan


More information about the Cyrus-sasl mailing list