sasl auth against Active Directory

Geoff mxondebian at
Tue Mar 30 12:16:13 EDT 2010


I'm trying to set up sasl auth against ldap (Active Directory) to 
authenticate subversion users.

I set up the ladp mechanism and testing it with testsaslauthd but I just 
can't have it working.

I'm running Debian Lenny and saslauthd 2.1.22

The error message logged is :
Authentication failed for MYUSER: Bind to ldap server failed (invalid 
user/password or insufficient access) (-7)

Here are the settings :
ldap_servers: ldap://x.x.x.x/
ldap_search_base: OU=Vibrateam,DC=domain,DC=ext
ldap_bind_dn: CN=AdminUser,OU=organisation,DC=domain,DC=ext
ldap_bind_pw: secret
ldap_use_sasl: no
ldap_start_tls: no
ldap_version: 3
ldap_auth_method: bind
ldap_filter: (sAMAccountName=%u)

I noticed mail and comment about sasl and AD talking about going with 
kerberos instead but I was looking for something more straight forward.
Then I'm just wondering is this possible or not ?
In case it is, what am I doing wrong ?


More information about the Cyrus-sasl mailing list