Dan Nicholson wrote:
On 4/22/06, Dan Nicholson <dbn.lists@xxxxxxxxx> wrote:
On 4/22/06, Dan Nicholson <dbn.lists@xxxxxxxxx> wrote:
Patrick, I'm going to assume that I have the same setup as you since I
took mine entirely from the Book of Postfix. I was having the same
problems with openldap-2.3.x, but I think I've solved the problem.
The big thing was getting the regexp in /etc/openldap/slapd.conf to
work correctly. Now, ldapwhoami checks out as well as ldapdb
authorization through the cyrus-sasl client/server utilities.
I lied. That worked when I only had one user under ou=people. Now I
have two, and one authenticates and one doesn't. I'm baffled. Here's
some output trying to authenticate through ldapwhoami with the
troublesome user.
$ ldapwhoami -Y DIGEST-MD5 -U proxy -X u:dan
SASL/DIGEST-MD5 authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Insufficient access (50)
additional info: SASL(-14): authorization failure: not authorized
Changing my proxy user authzTo to this regex solved the ldapwhoami problem.
authzTo: dn.regex:uid=[^,]*,ou=people,dc=foo,dc=com
cyrus-sasl-2.1.21 server/client utilities now work too with ldapdb.
--
Dan
does postfix work with {CRYPT} password in LDAP?
TIA
Tuan
