upgrade from Cyrus 2.1.15 to cyrus 2.2.3 breaks LDAP
auxpropauthentication.
Edward Rudd
eddie at omegaware.com
Wed Feb 11 21:54:03 EST 2004
Here is the "nohup slapd -d 255" file. and the entries from auth.log
when running
"imtest -a cyrus -u cyrus -m login devel"
Feb 11 20:48:13 devel slapd[2927]: auxpropfunc error -7
Feb 11 20:48:13 devel slapd[2927]: _sasl_plugin_load failed on
sasl_auxprop_plug_init for plugin: ldapdb
Feb 11 20:48:20 devel imap[2922]: DIGEST-MD5 client step 2
Feb 11 20:48:20 devel imap[2922]: DIGEST-MD5 client step 2
Feb 11 20:48:20 devel imap[2922]: bad userid authenticated
There is no step 1 in there.. How odd..
On Wed, 2004-02-11 at 19:58, Howard Chu wrote:
> > -----Original Message-----
> > From: owner-cyrus-sasl at lists.andrew.cmu.edu
> > [mailto:owner-cyrus-sasl at lists.andrew.cmu.edu]On Behalf Of Edward Rudd
>
> > OK I patched my OpenLDAP and recompiled, installed restarted postfix,
> > cyrus imapd, and started up ldap. And it still retuns "user not found"
> > when I try to login to cyrus imap. But the auth.log now shows
> > something different..
> > --- auth.log ---
> > Feb 11 19:19:46 devel imtest: DIGEST-MD5 client step 2
> > Feb 11 19:19:53 devel imtest: DIGEST-MD5 client step 2
> > Feb 11 19:19:53 devel imap[2282]: DIGEST-MD5 server step 2
> > Feb 11 19:19:53 devel imap[2282]: DIGEST-MD5 client step 2
> > Feb 11 19:19:53 devel imap[2282]: DIGEST-MD5 client step 2
> > Feb 11 19:19:53 devel imap[2282]: bad userid authenticated
> > Feb 11 19:19:53 devel imap[2282]: no secret in database
> > ----
>
> What happened to step 1?
>
> > And my ldap.log shows this (loglevel 255)
> > --- ldap.log ---
> > Feb 11 19:19:53 devel slapd[2053]: daemon: read activity on 12
> > Feb 11 19:19:53 devel slapd[2053]: connection_get(12)
> > Feb 11 19:19:53 devel slapd[2053]: connection_get(12): got connid=5
> > Feb 11 19:19:53 devel slapd[2053]: connection_read(12): checking for
> > input on id=5
>
> OpenLDAP's syslog output is not useful for debugging; it's mainly for
> reporting normal operational status. You need to run slapd in debug mode and
> save the output from stderr when you actually want to chase a bug.
>
> In this case, both your auth.log and your ldap.log indicate that a SASL Bind
> has been performed in an improper sequence (i.e., step 1 doesn't appear in
> the log, and it seems that some other request has been made before the SASL
> Bind properly completed.). To see exactly what happened, you'll need the
> debug trace from slapd.
>
> -- Howard Chu
> Chief Architect, Symas Corp. Director, Highland Sun
> http://www.symas.com http://highlandsun.com/hyc
> Symas: Premier OpenSource Development and Support
>
--
Edward Rudd <eddie at omegaware.com>
Website http://outoforder.cc/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ldaplog.gz
Type: application/x-gzip
Size: 14873 bytes
Desc: not available
Url : https://lists.andrew.cmu.edu/mailman/private/info-cyrus/attachments/20040211/d97c398a/ldaplog.bin
More information about the Info-cyrus
mailing list