Hello, I am trying to set up Cyrus sasl so I can use it for pass-through authentication with OpenLDAP. The OS is SUSE sles11 and I thought I'd start with what is already there preinstalled (v.2.1.22).
I am trying to authenticate against Active Directory 2008.
My configuration file looks like:
ldap_servers: ldap://hamwdc01.niwa.local/
ldap_search_base: DC=niwa=,DC=local
ldap_scope: sub
ldap_sasl_mech: plain
ldap_auth_method: bind
ldap_bind_dn: "CN=SDT Tester,OU=NIWA Staff Accounts,OU=User Accounts,DC=niwa,DC=local"
ldap_password: mypassword
ldap_filter: (dn=%u)
When I try to authenticate using testsaslauthd
I get:
Authentication failed for some-user: Bind to ldap server failed (invalid user/password or insufficient access) (-7)
If I try a ldap_bind_dn of the form
sdttester@niwa.local in the config file I get:
Authentication failed for some-user: Retry condition (ldap server connection reset or broken) (-3)
This is all very puzzling, as I can ldapsearch perfectly fine with any valid user I choose in either form (DN or userPrincipalName).
Is it possible that this installation of cyrus has not been compiled with ldap support? I would expect a bit more feedback.
I have thought about building my own version of cyrus, but I have run into problems with versioning (I think).
Make fails:
make all-recursive
make[1]: Entering directory `/home/turekg/cyrus-sasl-2.1.25'
Making all in include
make[2]: Entering directory `/home/turekg/cyrus-sasl-2.1.25/include'
make[2]: Nothing to be done for `all'.
make[2]: Leaving directory `/home/turekg/cyrus-sasl-2.1.25/include'
Making all in sasldb
make[2]: Entering directory `/home/turekg/cyrus-sasl-2.1.25/sasldb'
/bin/sh ../libtool --mode=compile gcc -DHAVE_CONFIG_H -I. -I.. -I../include -I../include -I/usr/local/BerkeleyDB.5.2/include -DOBSOLETE_CRAM_ATTR=1 -Wall -W -g -O2 -MT db_berkeley.lo -MD -MP -MF .deps/db_berkeley.Tpo -c -o db_berkeley.lo db_berkeley.c
gcc -DHAVE_CONFIG_H -I. -I.. -I../include -I../include -I/usr/local/BerkeleyDB.5.2/include -DOBSOLETE_CRAM_ATTR=1 -Wall -W -g -O2 -MT db_berkeley.lo -MD -MP -MF .deps/db_berkeley.Tpo -c db_berkeley.c -fPIC -DPIC -o db_berkeley.lo
db_berkeley.c: In function 'berkeleydb_open':
db_berkeley.c:82: warning: passing argument 3 of 'utils->getcallback' from incompatible pointer type
db_berkeley.c:107: warning: passing argument 2 of '(*mbdb)->open' from incompatible pointer type
db_berkeley.c:107: warning: passing argument 4 of '(*mbdb)->open' makes pointer from integer without a cast
db_berkeley.c:107: error: too few arguments to function '(*mbdb)->open'
db_berkeley.c: In function '_sasl_check_db':
db_berkeley.c:371: warning: passing argument 3 of 'utils->getcallback' from incompatible pointer type
make[2]: *** [db_berkeley.lo] Error 1
make[2]: Leaving directory `/home/turekg/cyrus-sasl-2.1.25/sasldb'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/home/turekg/cyrus-sasl-2.1.25'
make: *** [all] Error 2
I am very frustrated at this time and any help would be greatly appreciated! Thanx
Gaby