Unable to load the ldapdb plugin -- during SMTP AUTH against LDAP server

Bandaru, Vamsi bandaru.v at pg.com
Mon Apr 27 15:06:35 EDT 2020


Hi all,

(This is my first post here.)

I am trying to use Cyrus SASL for SMTP authentication against my organization's LDAP server.

I have two major issues I noticed:

The auth.log under /var/log reads:

Apr 27 14:57:36 postfix-in-1/submission/smtpd[42282]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: ldapdb
Apr 27 14:57:36 postfix-in-1/submission/smtpd[42282]: _sasl_plugin_load failed on sasl_canonuser_init for plugin: ldapdb

The message logs read:

saslauthd[85790]: detach_tty      : could not lock pid file /run/saslauthd/saslauthd.pid: Resource temporarily unavailable
saslauthd[85789]: detach_tty      : Cannot start saslauthd
saslauthd[85789]: detach_tty      : Another instance of saslauthd is currently running


These are the files, and their locations, that I am trying to configure. (Am I missing any other files to configure?)


  1.  /etc/saslauthd.conf
  2.  /etc/sasl2/smtpd.conf


My /etc/saslauthd.conf is configured in the following way:

ldap_servers: ldaps://< hostname >:636
ldap_bind_dn: uid=xxx,ou=xx,ou=xx,o=xx
ldap_bind_pw: xxxx

ldap_version: 3
ldap_auth_method: bind
ldap_search_base: ou=xx,ou=ss,o=xx
ldap_scope: sub
ldap_filter: ShortName=%U

***********************************************************************

The /etc/sasl2/smtpd.conf is configured as:

pwcheck_method: auxprop
auxprop_plugin: ldapdb

mech_list: PLAIN LOGIN NTLM CRAM-MD5 DIGEST-MD5

****************************************************************

#ldapdb_mech: LOGIN   (I am not sure if this parameter should be configured under smtpd.conf or under saslauthd.conf.)



Output of: saslauthd -a ldap -O /etc/saslauthd.conf

# saslauthd -a ldap -O /etc/saslauthd.conf
saslauthd[91048] :detach_tty      : Cannot start saslauthd
saslauthd[91048] :detach_tty      : Another instance of saslauthd is currently running



# ps aux | grep saslauthd
root      84395  0.0  0.0  74456   956 ?        Ss   18:25   0:00 /usr/sbin/saslauthd -m /run/saslauthd -a ldap -r
root      84396  0.0  0.0  74456   732 ?        S    18:25   0:00 /usr/sbin/saslauthd -m /run/saslauthd -a ldap -r
root      84397  0.0  0.0  74456   732 ?        S    18:25   0:00 /usr/sbin/saslauthd -m /run/saslauthd -a ldap -r
root      84398  0.0  0.0  74456   732 ?        S    18:25   0:00 /usr/sbin/saslauthd -m /run/saslauthd -a ldap -r
root      84399  0.0  0.0  74456   732 ?        S    18:25   0:00 /usr/sbin/saslauthd -m /run/saslauthd -a ldap -r


SASL-related configuration in the Postfix main.cf file:

smtpd_sasl_auth_enable = yes
smtpd_sasl_type = cyrus

smtpd_sasl_path = /run/saslauthd/mux

#smtpd_sasl_path = /usr/lib64/sasl2
smtpd_sasl_security_options = noanonymous
smtpd_tls_auth_only = yes
smtpd_sasl_tls_security_options = noanonymous


*******************************************************************************


Could someone please help me understand if these are the only two files that require configuration to get SASL working?


  1.  /etc/saslauthd.conf
  2.  /etc/sasl2/smtpd.conf


And whether I have got their configuration right.

And these are the packages I currently have installed on my RHEL 7 system:

cyrus-sasl-2.1.26-23.el7.x86_64
cyrus-sasl-devel-2.1.26-23.el7.x86_64
cyrus-sasl-ldap-2.1.26-23.el7.x86_64
cyrus-sasl-md5-2.1.26-23.el7.x86_64
cyrus-sasl-ntlm-2.1.26-23.el7.x86_64
cyrus-sasl-plain-2.1.26-23.el7.x86_64
cyrus-sasl-lib-2.1.26-23.el7.x86_64


Any help / suggestions are greatly appreciated.


Thanks and regards, Vamsi.
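
A consistency check over the two files quoted in the message above, as an added example that is not the poster's or the Cyrus SASL project's code. It relies on documented Cyrus SASL behaviour (the ldapdb auxprop plugin takes its ldapdb_* options from the service config; saslauthd can verify only cleartext mechanisms); the hostname, the function names and the finding labels are assumptions made for illustration.

```python
# Added example: sample configs are constructed from the settings quoted in the post.
SMTPD_CONF = """\
pwcheck_method: auxprop
auxprop_plugin: ldapdb
mech_list: PLAIN LOGIN NTLM CRAM-MD5 DIGEST-MD5
#ldapdb_mech: LOGIN
"""
SASLAUTHD_CONF = """\
ldap_servers: ldaps://ldap.example.invalid:636
ldap_auth_method: bind
ldap_filter: ShortName=%U
"""
PLAINTEXT_MECHS = {"PLAIN", "LOGIN"}  # saslauthd needs the cleartext password


def parse(text):
    """Parse 'key: value' lines, skipping blanks and '#' comments."""
    opts = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        key, value = line.split(":", 1)
        opts[key.strip().lower()] = value.strip()
    return opts


def check(smtpd_text, saslauthd_text):
    """Return findings about mismatches between the two config files."""
    smtpd, sad = parse(smtpd_text), parse(saslauthd_text)
    method = smtpd.get("pwcheck_method", "auxprop")  # Cyrus SASL default
    plugins = smtpd.get("auxprop_plugin", "").split()
    mechs = set(smtpd.get("mech_list", "").upper().split())
    findings = []
    if method == "auxprop":
        if any(k.startswith("ldap_") for k in sad):
            findings.append("saslauthd-unused: pwcheck_method is auxprop, so "
                            "the service never queries saslauthd or its ldap_* settings")
        if "ldapdb" in plugins and "ldapdb_uri" not in smtpd:
            findings.append("ldapdb-unconfigured: auxprop_plugin is ldapdb but "
                            "the service config sets no ldapdb_uri")
    elif method == "saslauthd":
        extra = sorted(mechs - PLAINTEXT_MECHS)
        if extra:
            findings.append("mech-mismatch: saslauthd cannot verify " + " ".join(extra))
    return findings


if __name__ == "__main__":
    print("\n".join(check(SMTPD_CONF, SASLAUTHD_CONF)))
```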


