cyrus-sasl / ldap problem

Igor Brezac igor at ipass.net
Tue Oct 29 14:34:27 EST 2002 

On Tue, 29 Oct 2002, Gregory Chagnon wrote:

> One more thing...now when I run testsaslauthd, I get this entry in
> /var/log/ldap.log:
>
> Oct 29 14:13:58 Lunar slapd[5790]: conn=3D102 op=3D1 SRCH base=3D"" sco=
pe=3D2
> filter=3D"(uid=3Dgreg.chagnon)"
> Oct 29 14:13:58 Lunar slapd[5790]: send_ldap_result: conn=3D102 op=3D1 =
p=3D3
> Oct 29 14:13:58 Lunar slapd[5790]: send_ldap_result: 10::
> Oct 29 14:13:58 Lunar slapd[5790]: send_ldap_response: msgid=3D2 tag=3D=
101
> err=3D32
> Oct 29 14:13:58 Lunar slapd[5790]: conn=3D102 op=3D1 RESULT tag=3D101 e=
rr=3D32 text=3D
>
> Shouldn't SRCH base be set to something?  In my case it would be
> ou=3DUsers,dc=3Dgregbox,dc=3Dcom.  Where is that set?

You need to specify search base in saslauthd.conf:

ldap_search_base: ou=3DUsers,dc=3Dgregbox,dc=3Dcom

-Igor

> -Greg
>
>
>
>
>
>
> >From: Igor Brezac <igor at ipass.net>
> >Reply-To: info-cyrus at lists.andrew.cmu.edu
> >To: Gregory Chagnon <gregchagnon at hotmail.com>
> >CC: info-cyrus at lists.andrew.cmu.edu
> >Subject: Re: cyrus-sasl / ldap problem
> >Date: Tue, 29 Oct 2002 10:52:59 -0500 (EST)
> >
> >
> >It looks like saslauthd is not running or testsaslauthd is pointing to=
 a
> >wrong socket.  I am not sure where you got your rpm sources from, but =
I
> >suggest that you get the sources from CMU and recompile:
> >http://asg.web.cmu.edu/cyrus/download/
> >
> >I recommend that you download cyrus-sasl from CVS:
> >http://asg.web.cmu.edu/cyrus/download/anoncvs.html
> >
> >-Igor
> >
> >On Tue, 29 Oct 2002, Gregory Chagnon wrote:
> >
> > > Igor:
> > > I get this error when I run testsaslauthd:
> > > [root at Lunar]:/usr/src/cyrus-sasl-2.1.9/saslauthd> ./testsaslauthd -=
u
> > > cliff.clavin -p *****
> > > connect() : No such file or directory
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > >From: Igor Brezac <igor at ipass.net>
> > > >Reply-To: info-cyrus at lists.andrew.cmu.edu
> > > >To: Gregory Chagnon <gregchagnon at hotmail.com>
> > > >CC: info-cyrus at lists.andrew.cmu.edu
> > > >Subject: Re: cyrus-sasl / ldap problem
> > > >Date: Tue, 29 Oct 2002 09:22:22 -0500 (EST)
> > > >
> > > >
> > > >Test saslauthd first.  cd $cyrus-sasl-src/saslauthd; make testsasl=
authd
> > > >./testsaslauthd -u username -p password
> > > >
> > > >If you do not get OK, check syslog for saslauthd errors.
> > > >
> > > >-Igor
> > > >
> > > >On Tue, 29 Oct 2002, Gregory Chagnon wrote:
> > > >
> > > > > Hi:I'm having a problem getting Cyrus IMAP to work with OpenLDA=
P.
> >User
> > > > > cliff.clavin is under ou=3DUsers,dc=3Dgregbox,dc=3Dcom.  When I=
 run
> >imtest,
> > > >here
> > > > > is the error I get...thanks everyone so much in advance:
> > > > >
> > > > > [root at Lunar]:/home/gchagnon> imtest -m login -a cliff.clavin
> >localhost
> > > > > S: * OK Lunar Cyrus IMAP4 v2.1.9-Invoca-RPM-2.1.9-6 server read=
y
> > > > > C: C01 CAPABILITY
> > > > > S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFE=
RRALS
> > > > > NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAP=
PEND
> >SORT
> > > > > THREAD=3DORDEREDSUBJECT THREAD=3DREFERENCES IDLE STARTTLS LISTE=
XT
> > > > > LIST-SUBSCRIBED ANNOTATEMORE X-NETSCAPE
> > > > > S: C01 OK Completed
> > > > > Please enter your password:
> > > > > C: L01 LOGIN cliff.clavin {6}
> > > > > S: + go ahead
> > > > > C: <omitted>
> > > > > S: L01 NO Login failed: generic failure
> > > > > Authentication failed. generic failure
> > > > > Security strength factor: 0
> > > > > C: Q01 LOGOUT
> > > > > Connection closed.
> > > > >
> > > > >
> > > > > Here is the entry from /var/log/imap.log:
> > > > >
> > > > > Oct 29 08:47:14 Lunar master[6197]: about to exec
> > > >/usr/libexec/cyrus/imapd
> > > > > Oct 29 08:47:14 Lunar imap[6197]: executed
> > > > > Oct 29 08:47:14 Lunar imapd[5489]: accepted connection
> > > > > Oct 29 08:47:16 Lunar imapd[5489]: badlogin: Lunar[127.0.0.1]
> >plaintext
> > > > > cliff.clavin SASL(-1): generic failure: checkpass failed
> > > > > Oct 29 08:48:24 Lunar master[5446]: process 5489 exited, status=
 0
> > > > >
> > > > >
> > > > > Here are my config files:
> > > > >
> > > > > <<imap.conf>>
> > > > >
> > > > > configdirectory: /var/lib/imap
> > > > > partition-default: /var/spool/imap
> > > > > admins: cliff.clavin cyrus gchagnon
> > > > > allowanonymouslogin: no
> > > > > sieveuserhomedir: no
> > > > > sievedir: /var/lib/imap/sieve
> > > > > sendmail: /usr/sbin/sendmail
> > > > > hashimapspool: true
> > > > > sasl_pwcheck_method: saslauthd
> > > > > sasl_passwd_check: saslauthd
> > > > > sasl_ldap_server: localhost
> > > > > #sasl_ldap_basedn: ou=3DUsers,dc=3Dgregbox,dc=3Dcom
> > > > > sasl_ldap_basedn: dc=3Dgregbox,dc=3Dcom
> > > > > sasl_mech_list: PLAIN
> > > > > tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem
> > > > > tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem
> > > > >
> > > > > <<saslauthd.conf>>
> > > > >
> > > > > ldap_servers: ldap://localhost/
> > > > > ldap_bind_dn: cn=3DManager,dc=3Dgregbox,dc=3Dcom
> > > > > ldap_bind_pw: *******
> > > > >
> > > > > <<slapd.conf (important parts)>>
> > > > > database        ldbm
> > > > > suffix          "dc=3Dgregbox,dc=3Dcom"
> > > > > rootdn          "cn=3DManager,dc=3Dgregbox,dc=3Dcom"
> > > > > rootpw          *******
> > > > > directory       /var/lib/ldap
> > > > >
> > > > > index   objectClass,uid,uidNumber,gidNumber,memberUid   eq
> > > > > index   cn,mail,surname,givenname
> >eq,subinitial
> > > > >
> > > > >
> > > > >
> > > > > _______________________________________________________________=
__
> > > > > Protect your PC - get McAfee.com VirusScan Online
> > > > > http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3D3963
> > > > >
> > > > >
> > > >
> > > >--
> > > >Igor
> > >
> > >
> > > _________________________________________________________________
> > > Unlimited Internet access -- and 2 months free!=A0 Try MSN.
> > > http://resourcecenter.msn.com/access/plans/2monthsfree.asp
> > >
> > >
> >
> >--
> >Igor
>
>
> _________________________________________________________________
> Get faster connections=A0-- switch to=A0MSN Internet Access!
> http://resourcecenter.msn.com/access/plans/default.asp
>
>

--=20
Igor

More information about the Info-cyrus mailing list