saslauthd authentication problem

Paul Wolstenholme wolstena at sfu.ca
Fri Sep 3 14:55:16 EDT 2004 

On 3-Sep-04, at 11:29 AM, Igor Brezac wrote:

>
> On Fri, 3 Sep 2004, Paul Wolstenholme wrote:
>
>> I have saslauthd configured to use ldap. The uid have an "@".  
>> Authentication works using testsaslauthd:
>>
>> Sep  3 10:38:36 localhost slapd[1248]: conn=118 op=0 BIND  
>> dn="cn=Administrator,o=shoutout" method=128
>> Sep  3 10:38:36 localhost slapd[1248]: conn=118 op=0 BIND  
>> dn="cn=Administrator,o=shoutout" mech=SIMPLE ssf=0
>> Sep  3 10:38:36 localhost slapd[1248]: conn=118 op=0 RESULT tag=97  
>> err=0 text=
>> Sep  3 10:38:36 localhost slapd[1248]: conn=118 op=1 SRCH  
>> base="o=shoutout" scope=2 filter="(uid=paul at shoutout.ca)"
>> Sep  3 10:38:36 localhost slapd[1248]: conn=118 op=1 SRCH attr=dn
>> Sep  3 10:38:36 localhost slapd[1248]: conn=118 op=1 SEARCH RESULT  
>> tag=101 err=0 nentries=1 text=
>> Sep  3 10:38:36 localhost slapd[1248]: conn=118 op=2 BIND anonymous  
>> mech=implicit ssf=0
>> Sep  3 10:38:36 localhost slapd[1248]: conn=118 op=2 BIND  
>> dn="uid=paul at shoutout.ca,ou=users,ispmanDomain=shoutout.ca,o=shoutout" 
>>  method=128
>> Sep  3 10:38:36 localhost slapd[1248]: conn=118 op=2 BIND  
>> dn="uid=paul at shoutout.ca,ou=users,ispmanDomain=shoutout.ca,o=shoutout" 
>>  mech=SIMPLE ssf=0
>> Sep  3 10:38:36 localhost slapd[1248]: conn=118 op=2 RESULT tag=97  
>> err=0 text=
>>
>>
>> However, authentication failds whenusing imtest:
>> imtest -u 'paul at shoutout.ca' localhost
>>
>> Sep  3 10:37:12 localhost slapd[1248]: conn=87 op=3 BIND anonymous  
>> mech=implicit ssf=0
>> Sep  3 10:37:12 localhost slapd[1248]: conn=87 op=3 BIND  
>> dn="cn=Administrator,o=shoutout" method=128
>> Sep  3 10:37:12 localhost slapd[1248]: conn=87 op=3 BIND  
>> dn="cn=Administrator,o=shoutout" mech=SIMPLE ssf=0
>> Sep  3 10:37:12 localhost slapd[1248]: conn=87 op=3 RESULT tag=97  
>> err=0 text=
>> Sep  3 10:37:12 localhost slapd[1248]: conn=87 op=4 SRCH  
>> base="o=shoutout" scope=2 filter="(uid=wolstena)"
>> Sep  3 10:37:12 localhost slapd[1248]: conn=87 op=4 SRCH attr=dn
>> Sep  3 10:37:12 localhost slapd[1248]: conn=87 op=4 SEARCH RESULT  
>> tag=101 err=0 nentries=1 text=
>> Sep  3 10:37:12 localhost slapd[1248]: conn=87 op=5 BIND anonymous  
>> mech=implicit ssf=0
>> Sep  3 10:37:12 localhost slapd[1248]: conn=87 op=5 BIND  
>> dn="ispmanClientId=1,ispmanResellerId=2,ou=ispman,o=shoutout"  
>> method=128
>>
>>
>> I thought I may need a ldap_filter in my imapd.conf file:
>> ldap_filter: (uid=%u)
>
> Your defaultdomain in imapd.conf must be shoutout.ca.  If this is the  
> case, cyrus imap will drop the domain portion.
>
> In saslauthd.conf do:
> ldap_filter: (uid=%U@%r)
> ldap_default_realm: shoutout.ca


Thanks you, that did the trick.

>
> -- 
> Igor
> ---
> Cyrus Home Page: http://asg.web.cmu.edu/cyrus
> Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>

---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

More information about the Info-cyrus mailing list