problems sasl not create database sasl.db
spiderslack
spiderslack at yahoo.com.br
Fri Oct 15 14:17:54 EDT 2010
On 09/07/2010 05:51 PM, Dan White wrote:
> On 07/09/10 16:59 -0400, spiderslack wrote:
>>> That's an unusual location for the sasldb file. Did you compile
>>> sasl? If
>>> so, which options did you pass to configure, and which version are you
>>> using?
>>
>> I compiled the sasl'm using mandriva and installed the package via
>> urpmi.
>>
>> But I found that the package does not provide support for mandriva
>> sasldb as the command below.
>>
>> [root at localhost ~]# saslauthd -v
>> saslauthd 2.1.23
>> authentication mechanisms: getpwent kerberos5 pam rimap shadow ldap
>
> saslauthd is not the preferred interface to sasldb, and in fact is
> disabled
> by default. You'd have to recompile saslauthd to get it.
>
> The preferred method is to specify 'pwcheck_method: auxprop', and
> 'auxprop_plugin: sasldb' within your application SASL config file.
>
>> changed the variable SASL_AUTHMECH for "ldap in file
>> /etc/sysconfig/saslauthd.
>
> Are you abandoning sasldb?
>
Yes, i using auxprop ldap
>> After that I tried to access via testsaslauth and ran track but
>> ldapsearch command does not work. Below the configuration files and
>> command output sasl.
>>
>> Any idea where I might be wrong. I thank you
>>
>>
>> cat /etc/saslauthd.conf
>> ldap_servers: ldap://127.0.0.1
>> ldap_port: 389
>> ldap_version: 3
>> ldap_referrals: no
>> ldap_search_base: dc=exemplo,dc=com,dc=br
>> ldap_auth_method: bind
>>
>>
>> [root at localhost ~]# testsaslauthd -u user -p 123456
>> 0: OK "Success."
>> [root at localhost ~]#
>>
>>
>> [root at localhost ~]# ldapsearch -LLL -Y DIGEST-MD5 -U user cn=benjamin cn
>> SASL/DIGEST-MD5 authentication started
>> Please enter your password:
>> ldap_sasl_interactive_bind_s: Invalid credentials (49)
>> additional info: SASL(-13): user not found: no secret in database
>> [root at localhost ~]#
>
> You're doing two different things there.
>
> saslauthd, with your configuration, is doing, roughly:
>
> ldapsearch -x -b "dc=exemplo,dc=com,dc=br" -H "ldap://127.0.0.1"
> uid=user dn
> (anonymous bind)
> and given the $dn that is returned:
> ldapwhoami -x -b "dc=exemplo,dc=com,dc=br" -H "ldap://127.0.0.1" \
> -D "$dn" -w 123456
>
thanks thus worked. I use this way.
Regards.
__________________________________________________
Fale com seus amigos de graça com o novo Yahoo! Messenger
http://br.messenger.yahoo.com/
More information about the Cyrus-sasl
mailing list