Help with Cyrus configuration - testsaslauthd not working

Gabriella Turek Gabriella.Turek at niwa.co.nz
Mon Nov 7 16:49:33 EST 2011


Hello, I am trying to set up Cyrus sasl so I can use it for pass-through authentication with OpenLDAP. The OS is SUSE sles11 and I thought I'd start with what is already there preinstalled (v.2.1.22)
I am trying to authenticate against Active Directory 2008.
My configuration file looks like:

ldap_servers: ldap://hamwdc01.niwa.local/
ldap_search_base: DC=niwa=,DC=local
ldap_scope: sub
ldap_sasl_mech: plain
ldap_auth_method: bind
ldap_bind_dn: "CN=SDT Tester,OU=NIWA Staff Accounts,OU=User Accounts,DC=niwa,DC=local"
ldap_password: mypassword
ldap_filter: (dn=%u)

When I try authenticate using testsaslauthd
I get:
>Authentication failed for some-user: Bind to ldap server failed (invalid user/password or insufficient access) (-7)

If I try a ldap_bind_dn of the form sdttester at niwa.local<mailto:sdttester at niwa.local> in the config file I get:
Authentication failed for some-user: Retry condition (ldap server connection reset or broken) (-3)

This is all very puzzling, as I can ldapsearch perfectly fine with any valid user I chose in either form (DN or userPrincipalName)

Is it possible that this installation of cyrus has not been compiled with ldap support? I would expect a bit more feedback.

I have thought about building my own version cyrus, but I have run into problems with versioning (I think)
Make fails:

make  all-recursive
make[1]: Entering directory `/home/turekg/cyrus-sasl-2.1.25'
Making all in include
make[2]: Entering directory `/home/turekg/cyrus-sasl-2.1.25/include'
make[2]: Nothing to be done for `all'.
make[2]: Leaving directory `/home/turekg/cyrus-sasl-2.1.25/include'
Making all in sasldb
make[2]: Entering directory `/home/turekg/cyrus-sasl-2.1.25/sasldb'
/bin/sh ../libtool   --mode=compile gcc -DHAVE_CONFIG_H -I. -I.. -I../include -I../include   -I/usr/local/BerkeleyDB.5.2/include  -DOBSOLETE_CRAM_ATTR=1  -Wall -W -g -O2 -MT db_berkeley.lo -MD -MP -MF .deps/db_berkeley.Tpo -c -o db_berkeley.lo db_berkeley.c
gcc -DHAVE_CONFIG_H -I. -I.. -I../include -I../include -I/usr/local/BerkeleyDB.5.2/include -DOBSOLETE_CRAM_ATTR=1 -Wall -W -g -O2 -MT db_berkeley.lo -MD -MP -MF .deps/db_berkeley.Tpo -c db_berkeley.c  -fPIC -DPIC -o db_berkeley.lo
db_berkeley.c: In function 'berkeleydb_open':
db_berkeley.c:82: warning: passing argument 3 of 'utils->getcallback' from incompatible pointer type
db_berkeley.c:107: warning: passing argument 2 of '(*mbdb)->open' from incompatible pointer type
db_berkeley.c:107: warning: passing argument 4 of '(*mbdb)->open' makes pointer from integer without a cast
db_berkeley.c:107: error: too few arguments to function '(*mbdb)->open'
db_berkeley.c: In function '_sasl_check_db':
db_berkeley.c:371: warning: passing argument 3 of 'utils->getcallback' from incompatible pointer type
make[2]: *** [db_berkeley.lo] Error 1
make[2]: Leaving directory `/home/turekg/cyrus-sasl-2.1.25/sasldb'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/home/turekg/cyrus-sasl-2.1.25'
make: *** [all] Error 2

I am very frustrated at this time and any help would be greatly appreciated! Thanx
Gaby




-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/attachments/20111107/aa0d49fa/attachment.html 


More information about the Cyrus-sasl mailing list