Hi all,

I have a problem with SASL with an LDAP backend. I installed the following packages on a CentOS 5.4 x86_64:

cyrus-sasl-2.1.22-5.el5_4.3
cyrus-sasl-ldap-2.1.22-5.el5_4.3
cyrus-sasl-md5-2.1.22-5.el5_4.3
openldap-2.3.43-3.el5

I have the following /etc/saslauthd.conf

ldap_server: ldap://"my server address" :389
ldap_bind_dn: cn=Manager,dc=mycompany,dc=it
ldap_search_base: ou=People,dc=mycompany,dc=it
ldap_filter: (objectClass=inetOrgPerson)
ldap_use_sasl: yes
ldap_bind_pw: "my passwd in SSHA"
ldap_auth_method: bind
ldap_verbose: on
ldap_debug: 10
ldap_version: 3

and the following /etc/openldap/slapd.conf:

include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/authldap.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema
include /etc/openldap/schema/radius.schema

pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args

access to dn.base=
        by * read
access to dn=""
        by * read
access to dn.base=""
        by self write
        by * auth
access to * attrs=userPassword
        by self write
        by * write
access to attrs=shadowLastChange
        by self write
        by * read
access to *
        by * read
        by anonymous auth

loglevel -1
schemacheck on
idletimeout 30000

backend bdb
database bdb
cachesize 10000
password-hash {CLEARTEXT}
suffix dc=mycompany,dc=it
rootdn cn=Manager,dc=mycompany,dc=it
rootpw {SSHA}"..."
checkpoint 1024 5
directory /var/lib/ldap

sasl-authz-policy to
sasl-regexp uid=(.*),cn=.*,cn=auth
        ldap:///ou=People,dc=mycompany,dc=it??sub?(&(mail=$1)(objectClass=inetOrgPerson))

# Indices to maintain
index objectClass eq
index cn pres,sub,eq
index sn pres,sub,eq
index uid pres,sub,eq
index displayName pres,sub,eq
index uidNumber eq
index gidNumber eq
index memberUID eq
index sambaSID eq
index sambaPrimaryGroupSID eq
index sambaDomainName eq
index mail,maildrop pres
index mailbox,quota eq
index default sub

TLSCACertificateFile /etc/openldap/cacert.pem
TLSCertificateFile /etc/openldap/servercrt.pem
TLSCertificateKeyFile /etc/openldap/serverkey.pem
TLSVerifyClient demand

When I try this:

testsaslauthd -u test@xxxxxxxxxxxx -p test

I get in openldap.log:

Apr 13 13:33:47 ldap slapd[904]: conn=2657 fd=22 ACCEPT from IP=127.0.0.1:38506 (IP=0.0.0.0:389)
Apr 13 13:33:47 ldap slapd[904]: conn=2657 op=0 SRCH base="" scope=0 deref=0 filter="(objectClass=*)"
Apr 13 13:33:47 ldap slapd[904]: conn=2657 op=0 SRCH attr=supportedSASLMechanisms
Apr 13 13:33:47 ldap slapd[904]: conn=2657 op=0 SEARCH RESULT tag=101 err=0 nentries=1 text=
Apr 13 13:33:47 ldap slapd[904]: conn=2657 op=1 BIND dn="" method=163
Apr 13 13:33:47 ldap slapd[904]: conn=2657 op=1 RESULT tag=97 err=14 text=
Apr 13 13:33:47 ldap slapd[904]: conn=2657 op=2 BIND dn="" method=163
Apr 13 13:33:47 ldap slapd[904]: SASL [conn=2657] Failure: no secret in database
Apr 13 13:33:47 ldap slapd[904]: conn=2657 op=2 RESULT tag=97 err=49 text=SASL(-13): user not found: no secret in database

and in "saslauthd -d" messages:

saslauthd[15464] :main : num_procs : 5
saslauthd[15464] :main : mech_option: NULL
saslauthd[15464] :main : run_path : /var/run/saslauthd/
saslauthd[15464] :main : auth_mech : ldap
saslauthd[15464] :ipc_init : using accept lock file: /var/run/saslauthd//mux.accept
saslauthd[15464] :detach_tty : master pid is: 0
saslauthd[15464] :ipc_init : listening on socket: /var/run/saslauthd//mux
saslauthd[15464] :main : using process model
saslauthd[15465] :get_accept_lock : acquired accept lock
saslauthd[15464] :have_baby : forked child: 15465
saslauthd[15464] :have_baby : forked child: 15466
saslauthd[15464] :have_baby : forked child: 15467
saslauthd[15464] :have_baby : forked child: 15468
saslauthd[15465] :rel_accept_lock : released accept lock
request done: ld 0x153e2880 msgid 1
request done: ld 0x153e2880 msgid 2
saslauthd[15466] :get_accept_lock : acquired accept lock
request done: ld 0x153e2880 msgid 3
saslauthd[15465] :do_auth : auth failure: [user=test@xxxxxxxxxxxx] [service=imap] [realm=] [mech=ldap] [reason=Unknown]
saslauthd[15465] :do_request : response: NO

What's wrong? I searched all over the world but nothing.

Thanks in advance!
Giovanni Malfarà