FDS and Cyrus SASL

Chavez, James R. james.chavez at sanmina-sci.com
Tue Feb 24 15:02:30 EST 2009 

Hello List,
I am having an issue getting SASL gssapi going between my Fedora
Directory LDAP servers and LDAP clients
I have configured OpenLDAP with SASL gssapi and it works great. However
I am havving issues when I run an ldapsearch or ldapwhoami on my
clients.

What do I need on the client side to get saslgssapi working correctly?
For openldap there is the /usr/lib/sasl2/slapd.conf file to configure
the openldap parameters. What can I do for clients to connect to FDS
correctly.

My SASL is working on the clients when I run testsaslauthd -r REALM -u
user -p password. I get 0: OK "Success." as the result. I think I am
missing something on the client and server side as far as configuration.


Is there something I can do to trace SASL gssapi errors? Or to debug the
transfer between the client and server. I ran a tcpdump but did not find
much there.

Thanks
James

CONFIDENTIALITY
This e-mail message and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail message, you are hereby notified that any dissemination, distribution or copying of this e-mail message, and any attachments thereto, is strictly prohibited.  If you have received this e-mail message in error, please immediately notify the sender and permanently delete the original and any copies of this email and any prints thereof.
ABSENT AN EXPRESS STATEMENT TO THE CONTRARY HEREINABOVE, THIS E-MAIL IS NOT INTENDED AS A SUBSTITUTE FOR A WRITING.  Notwithstanding the Uniform Electronic Transactions Act or the applicability of any other law of similar substance and effect, absent an express statement to the contrary hereinabove, this e-mail message its contents, and any attachments hereto are not intended to represent an offer or acceptance to enter into a contract and are not otherwise intended to bind the sender, Sanmina-SCI Corporation (or any of its subsidiaries), or any other person or entity.

More information about the Cyrus-sasl mailing list