Postfix, SASL and LDAPDB: no worthy mech found

Dieter Kluenter dieter at dkluenter.de
Fri May 21 09:52:40 EDT 2010


Julien Vehent <julien at linuxwall.info> writes:

> On Thu, 20 May 2010 18:48:33 +0200, Julien Vehent <julien at linuxwall.info>
> wrote:
>> I removed the chroot and I see DIGEST-MD5 negociation. It still doesn't
>> work but that already a great progression ! Thanks a lot.
>> 
>
> Well, apparently, I'm not done with this yet...
>
> I copied the content of /usr/lib/sasl2 into /var/run/postfix/usr/lib/sasl2
> and I can now authenticate in DIGEST-MD5 with user postfix on the ldap
> directory.
>
> The logs of slapd (and the network dump) are confirming this, postfix
> negociates the DIGEST-MD5 and is authenticated.
>
> However, The authentication of my user still doesn't work. Postfix is
> telling me :
>
> ----
> May 21 12:56:44 samchiel postfix/smtpd[11862]: warning: SASL
> authentication failure: Password verification failed
> May 21 12:56:44 samchiel postfix/smtpd[11862]: warning:
> localhost[127.0.0.1]: SASL plain authentication failed: authentication
> failure
[...]


try ldapsearch -x -H ldap://<host> -b "" -s base
suppportedSASLMechanisms
Mostlikely SASL PLAIN mechanism is not available.
Because OpenLDAP only supports PLAIN in a protected network
environment, that is either TLS or ldapi

-Dieter

-- 
Dieter Klünter | Systemberatung
sip: +49.40.20932173
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6


More information about the Cyrus-sasl mailing list