saslauthd with openldap

Marc Patermann hans.moser at ofd-z.niedersachsen.de
Fri Apr 19 08:06:34 EDT 2013


Paul,

Paul van der Vlis wrote (19.04.2013 11:58):

> I am trying to get saslauthd working
While this is not IMAPd related, why don't you try a SASL list?

> to authenticate on openLDAP with
> passwords stored with an MD5 hash (base64 encoded) in the field
> UserPassword. The passwords are created with smb-ldap so I think it's
> normal that they are base64 encoded.
Is SASL auxprop ldapdb not an option for you?

> "testsaslauthd -u mailtest -p secret" always gives "authentication
> failed".  In auth.log I always see: "Bind failed".
> 
> I've tried many options in saslauthd.conf, at the moment it's this:
> --------
> ldap_servers: ldap://192.168.28.240/
> ldap_auth_method: custom
> ldap_bind_dn: uid=admin,dc=domain,dc=local
> ldap_bind_pw: secret
> ldap_search_base: ou=Users,dc=domain,dc=local
> ldap_filter: cn=%u
> --------
What does
# ldapsearch -H ldap://192.168.28.240/ -x -D uid=admin,dc=domain,dc=local -w secret -b ou=Users,dc=domain,dc=local cn=oneOfYourUsernames
return for you?

> I am using cyrus-sasl2 version 2.1.25.dfsg1-6 from Debian Wheezy.
> LDAP is on an old machine (Ubuntu 8.04, slapd version 2.4.7).
FYI: For a production LDAP server, the best advice from the
OpenLDAP developers is to use the latest version, which is 2.4.35.


Marc

