Re: SASL and OpenLDAP with SSL - PROBLEM SOLVED !!!!


 



Mihai Barbos <mihai.barbos@xxxxxxxxxxxxxx> writes:
> Hi
>
> Can someone please help me with the following (annoying) problem:
> I've got a saslauthd connecting to ldap on CentOS 5.0. With tls
> disabled everything seems to work OK. With tls enabled, the connection
> to LDAP is established OK but the authentication fails. LDAP
> (openldap) reports TLS established and then UNBIND.
>
> Does it ring any bell to anyone ? Any idea is welcome. Of course I can
> post any configuration that might be of interest.

Did you create the values of attribute type userpasswd with a hashing
scheme like CRYPT or SSHA?

-Dieter

Thanx guys for your comments.


The problem though was a LOT more trivial. The SSL certificate verification of the ^&%^* saslauthd is simply wrong. It looks like it compares the ldap server STRING FROM THE CONFIGURATION FILE WITH THE DN FROM THE CERTIFICATE.

So, if you have:
ldap_servers: ldap://gogoserver
in saslauthd.conf (or however you name it) and the certificate has been issued to gogoserver.gogoland.net (as it is normal) the verification fails and saslauthd bails out. Not to mention that the same happens if you use the IP or a CNAME.

Mihai
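
Added example, not part of the original post and not saslauthd's own code: a pre-flight check that lists which hosts on the `ldap_servers` line would not match the names a certificate was issued to. The config text, the certificate name list and the IP address are constructed sample values, and the exact/wildcard comparison is an assumed, conventional hostname rule rather than saslauthd's verified behaviour.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample input (not taken from a real deployment).
SAMPLE_CONF = (
    "ldap_servers: ldap://gogoserver ldap://gogoserver.gogoland.net "
    "ldap://192.0.2.10\n"
)
# Names the certificate was issued to (CN / subjectAltName), constructed.
CERT_NAMES = ["gogoserver.gogoland.net"]


def conf_hosts(conf_text):
    """Return the host part of every URI on the ldap_servers line."""
    hosts = []
    for line in conf_text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip() == "ldap_servers":
            for uri in value.split():
                host = urlsplit(uri).hostname
                if host:
                    hosts.append(host)
    return hosts


def name_matches(host, cert_name):
    """Assumed rule: exact match, or '*.' covering one leftmost label."""
    host, cert_name = host.lower(), cert_name.lower()
    try:
        ipaddress.ip_address(host)
        # An IP literal only matches if the certificate lists that IP.
        return host == cert_name
    except ValueError:
        pass
    if cert_name.startswith("*."):
        head, _, rest = host.partition(".")
        return bool(head) and rest == cert_name[2:]
    return host == cert_name


def mismatched_servers(conf_text, cert_names):
    """Hosts from ldap_servers that match none of the certificate names."""
    return [h for h in conf_hosts(conf_text)
            if not any(name_matches(h, n) for n in cert_names)]


if __name__ == "__main__":
    for host in mismatched_servers(SAMPLE_CONF, CERT_NAMES):
        print("certificate does not cover:", host)
```
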

