Fail to test uid of OpenLDAP with TLS...

Dan White dwhite at olp.net
Thu May 26 14:13:49 EDT 2011


On 26/05/11 16:50 +0700, Nguyen, Quoc Khanh wrote:
>Oh, my god... It's failed... too. When i checked TLS/SSL by ldapsearch and
>it worked OK...
>I... I'm so confusing about this problem. After relax for a while, i
>decide to go back for your way: use STARTTLS. And when i tested for many
>times, i have a result:
>
>root at ldap:/usr/local/sasl2/sbin# ./testsaslauthd -u khanhnq -p 123456
>0: NO "authentication failed"
>root at ldap:/usr/local/sasl2/sbin# ./testsaslauthd -u khanhnq -p 123456
>0: OK "Success."
>root at ldap:/usr/local/sasl2/sbin# ./testsaslauthd -u khanhnq -p 123456
>0: NO "authentication failed"
>root at ldap:/usr/local/sasl2/sbin# ./testsaslauthd -u khanhnq -p 123456
>0: NO "authentication failed"
>root at ldap:/usr/local/sasl2/sbin# ./testsaslauthd -u khanhnq -p 123456
>0: OK "Success."
>root at ldap:/usr/local/sasl2/sbin# ./testsaslauthd -u khanhnq -p 123456
>0: NO "authentication failed"
>root at ldap:/usr/local/sasl2/sbin# ./testsaslauthd -u khanhnq -p 123456
>0: OK "Success."

How many threads (saslauthd option -n) are you starting? Does it make any
difference if you set that value to 0, 1, or a higher number than 5 (the
default)?

To help debug, try running saslauthd with '-d', and add this
(undocumented) command to your saslauthd.conf:

ldap_debug: -1

-- 
Dan White


More information about the Cyrus-sasl mailing list