On 04/14/2010 06:19 AM, Dan White wrote: > So assuming you don't want to use the custom method, your config looks > like: > > ldap_servers: ldap://ldap.example.net/ > ldap_use_sasl: yes > ldap_mech: DIGEST-MD5 > > Or whatever mech you want to use. The fastbind auth method appears to > just > do a sasl bind with the credentials supplied by the user. > Thank you very much. I changed the sasslauthd.conf file accordingo to your suggetstions but it still does not work. In slapd (slapd -d -1) debug messages I get: . . . >>> slap_listener(ldap:///) connection_get(16): got connid=7 connection_read(16): checking for input on id=7 ber_get_next ber_get_next: tag 0x30 len 24 contents: ber_get_next do_bind ber_scanf fmt ({imt) ber: ber_scanf fmt ({m) ber: ber_scanf fmt (}}) ber: >>> dnPrettyNormal: <> <<< dnPrettyNormal: <>, <> do_sasl_bind: dn () mech DIGEST-MD5 SASL [conn=7] Debug: DIGEST-MD5 server step 1 send_ldap_sasl: err=14 len=196 send_ldap_response: msgid=1 tag=97 err=14 ber_flush: 215 bytes to sd 16 <== slap_sasl_bind: rc=14 connection_get(16): got connid=7 connection_read(16): checking for input on id=7 ber_get_next ber_get_next: tag 0x30 len 342 contents: ber_get_next do_bind ber_scanf fmt ({imt) ber: ber_scanf fmt ({m) ber: ber_scanf fmt (m) ber: ber_scanf fmt (}}) ber: >>> dnPrettyNormal: <> <<< dnPrettyNormal: <>, <> do_sasl_bind: dn () mech DIGEST-MD5 SASL [conn=7] Debug: DIGEST-MD5 server step 2 slap_sasl_getdn: u:id converted to uid=test@xxxxxxxxxxxx,cn=DIGEST-MD5,cn=auth >>> dnNormalize: <uid=test@xxxxxxxxxxxx,cn=DIGEST-MD5,cn=auth> <<< dnNormalize: <uid=test@xxxxxxxxxxxx,cn=digest-md5,cn=auth> ==>slap_sasl2dn: converting SASL name uid=test@xxxxxxxxxxxx,cn=digest-md5,cn=auth to a DN slap_authz_regexp: converting SASL name uid=test@xxxxxxxxxxxx,cn=digest-md5,cn=auth <==slap_sasl2dn: Converted SASL name to <nothing> SASL [conn=7] Failure: no secret in database send_ldap_result: conn=7 op=1 p=3 send_ldap_response: msgid=2 tag=97 err=49 ber_flush: 62 bytes to sd 16 <== slap_sasl_bind: rc=49 It seems like sasl-regexp are not parsed in slapd.conf file. Thank you very much! -- Giovanni Malfarà Per favore non mandatemi allegati in Word o PowerPoint. Si veda http://www.gnu.org/philosophy/no-word-attachments.it.html "Ciò che conta in guerra non sono gli uomini, è l'uomo cioè il soldato che sa battersi fino in fondo, difendendo un pezzo di terra o, contro ogni logica, un brandello di idea". (Napoleone Bonaparte).
begin:vcard fn;quoted-printable:Giovanni Malfar=C3=A0 n;quoted-printable:Malfar=C3=A0;Giovanni email;internet:giovanni.malfara@xxxxxxxxx x-mozilla-html:FALSE version:2.1 end:vcard
