I'm configuring openldap+sasl+samba for my company. I made a lot of googling without success Please assist me to resolve this issue. I have following when i run ldapsearch (*********after ldapsearch log i gave some additional configurations):
[root@example openldap]# ldapsearch -LLL -U matt@xxxxxxxxxxx -v '(uid=matt@xxxxxxxxxxx)' uid -d -1
ldap_initialize( <DEFAULT> )
ldap_create
ldap_pvt_sasl_getmech
ldap_search
put_filter: "(objectclass=*)"
put_filter: simple
put_simple_filter: "objectclass=*"
ldap_build_search_req ATTRS: supportedSASLMechanisms
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP localhost:389
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying ::1 389
ldap_pvt_connect: fd: 3 tm: -1 async: 0
attempting to connect:
connect success
ldap_open_defconn: successful
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_dump: buf=0x16a1730 ptr=0x16a1730 end=0x16a1770 len=64
0000: 30 3e 02 01 01 63 39 04 00 0a 01 00 0a 01 00 02 0>...c9.........
0010: 01 00 02 01 00 01 01 00 87 0b 6f 62 6a 65 63 74 ..........object
0020: 63 6c 61 73 73 30 19 04 17 73 75 70 70 6f 72 74 class0...support
0030: 65 64 53 41 53 4c 4d 65 63 68 61 6e 69 73 6d 73 edSASLMechanisms
ber_scanf fmt ({) ber:
ber_dump: buf=0x16a1730 ptr=0x16a1735 end=0x16a1770 len=59
0000: 63 39 04 00 0a 01 00 0a 01 00 02 01 00 02 01 00 c9..............
0010: 01 01 00 87 0b 6f 62 6a 65 63 74 63 6c 61 73 73 .....objectclass
0020: 30 19 04 17 73 75 70 70 6f 72 74 65 64 53 41 53 0...supportedSAS
0030: 4c 4d 65 63 68 61 6e 69 73 6d 73 LMechanisms
ber_flush2: 64 bytes to sd 3
0000: 30 3e 02 01 01 63 39 04 00 0a 01 00 0a 01 00 02 0>...c9.........
0010: 01 00 02 01 00 01 01 00 87 0b 6f 62 6a 65 63 74 ..........object
0020: 63 6c 61 73 73 30 19 04 17 73 75 70 70 6f 72 74 class0...support
0030: 65 64 53 41 53 4c 4d 65 63 68 61 6e 69 73 6d 73 edSASLMechanisms
ldap_write: want=64, written=64
0000: 30 3e 02 01 01 63 39 04 00 0a 01 00 0a 01 00 02 0>...c9.........
0010: 01 00 02 01 00 01 01 00 87 0b 6f 62 6a 65 63 74 ..........object
0020: 63 6c 61 73 73 30 19 04 17 73 75 70 70 6f 72 74 class0...support
0030: 65 64 53 41 53 4c 4d 65 63 68 61 6e 69 73 6d 73 edSASLMechanisms
ldap_result ld 0x16993b0 msgid 1
wait4msg ld 0x16993b0 msgid 1 (infinite timeout)
wait4msg continue ld 0x16993b0 msgid 1 all 1
** ld 0x16993b0 Connections:
* host: localhost port: 389 (default)
refcnt: 2 status: Connected
last used: Sat Nov 5 14:10:08 2016
** ld 0x16993b0 Outstanding Requests:
* msgid 1, origid 1, status InProgress
outstanding referrals 0, parent count 0
ld 0x16993b0 request count 1 (abandoned 0)
** ld 0x16993b0 Response Queue:
Empty
ld 0x16993b0 response count 0
ldap_chkResponseList ld 0x16993b0 msgid 1 all 1
ldap_chkResponseList returns ld 0x16993b0 NULL
ldap_int_select
read1msg: ld 0x16993b0 msgid 1 all 1
ber_get_next
ldap_read: want=8, got=8
0000: 30 32 02 01 01 64 2d 04 02...d-.
ldap_read: want=44, got=44
0000: 00 30 29 30 27 04 17 73 75 70 70 6f 72 74 65 64 .0)0'..supported
0010: 53 41 53 4c 4d 65 63 68 61 6e 69 73 6d 73 31 0c SASLMechanisms1.
0020: 04 0a 44 49 47 45 53 54 2d 4d 44 35 ..DIGEST-MD5
ber_get_next: tag 0x30 len 50 contents:
ber_dump: buf=0x16a2be0 ptr=0x16a2be0 end=0x16a2c12 len=50
0000: 02 01 01 64 2d 04 00 30 29 30 27 04 17 73 75 70 ...d-..0)0'..sup
0010: 70 6f 72 74 65 64 53 41 53 4c 4d 65 63 68 61 6e portedSASLMechan
0020: 69 73 6d 73 31 0c 04 0a 44 49 47 45 53 54 2d 4d isms1...DIGEST-M
0030: 44 35 D5
read1msg: ld 0x16993b0 msgid 1 message type search-entry
wait4msg continue ld 0x16993b0 msgid 1 all 1
** ld 0x16993b0 Connections:
* host: localhost port: 389 (default)
refcnt: 2 status: Connected
last used: Sat Nov 5 14:10:08 2016
** ld 0x16993b0 Outstanding Requests:
* msgid 1, origid 1, status InProgress
outstanding referrals 0, parent count 0
ld 0x16993b0 request count 1 (abandoned 0)
** ld 0x16993b0 Response Queue:
* msgid 1, type 100
ld 0x16993b0 response count 1
ldap_chkResponseList ld 0x16993b0 msgid 1 all 1
ldap_chkResponseList returns ld 0x16993b0 NULL
ldap_int_select
read1msg: ld 0x16993b0 msgid 1 all 1
ber_get_next
ldap_read: want=8, got=8
0000: 30 0c 02 01 01 65 07 0a 0....e..
ldap_read: want=6, got=6
0000: 01 00 04 00 04 00 ......
ber_get_next: tag 0x30 len 12 contents:
ber_dump: buf=0x16a2cc0 ptr=0x16a2cc0 end=0x16a2ccc len=12
0000: 02 01 01 65 07 0a 01 00 04 00 04 00 ...e........
read1msg: ld 0x16993b0 msgid 1 message type search-result
ber_scanf fmt ({eAA) ber:
ber_dump: buf=0x16a2cc0 ptr=0x16a2cc3 end=0x16a2ccc len=9
0000: 65 07 0a 01 00 04 00 04 00 e........
read1msg: ld 0x16993b0 0 new referrals
read1msg: mark request completed, ld 0x16993b0 msgid 1
request done: ld 0x16993b0 msgid 1
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 1, msgid 1)
adding response ld 0x16993b0 msgid 1 type 101:
ldap_parse_result
ber_scanf fmt ({iAA) ber:
ber_dump: buf=0x16a2cc0 ptr=0x16a2cc3 end=0x16a2ccc len=9
0000: 65 07 0a 01 00 04 00 04 00 e........
ber_scanf fmt (}) ber:
ber_dump: buf=0x16a2cc0 ptr=0x16a2ccc end=0x16a2ccc len=0
ldap_get_values
ber_scanf fmt ({x{{a) ber:
ber_dump: buf=0x16a2be0 ptr=0x16a2be3 end=0x16a2c12 len=47
0000: 64 2d 04 00 30 29 30 27 04 17 73 75 70 70 6f 72 d-..0)0'..suppor
0010: 74 65 64 53 41 53 4c 4d 65 63 68 61 6e 69 73 6d tedSASLMechanism
0020: 73 31 0c 04 0a 44 49 47 45 53 54 2d 4d 44 35 s1...DIGEST-MD5
ber_scanf fmt ([v]) ber:
ber_dump: buf=0x16a2be0 ptr=0x16a2c04 end=0x16a2c12 len=14
0000: 31 0c 04 0a 44 49 47 45 53 54 2d 4d 44 35 1...DIGEST-MD5
ldap_msgfree
ldap_sasl_interactive_bind: server supports: DIGEST-MD5
ldap_int_sasl_bind: DIGEST-MD5
ldap_int_sasl_open: host=localhost
SASL/DIGEST-MD5 authentication started
ldap_sasl_bind
ldap_send_initial_request
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_dump: buf=0x16a5e20 ptr=0x16a5e20 end=0x16a5e3a len=26
0000: 30 18 02 01 02 60 13 02 01 03 04 00 a3 0c 04 0a 0....`..........
0010: 44 49 47 45 53 54 2d 4d 44 35 DIGEST-MD5
ber_scanf fmt ({i) ber:
ber_dump: buf=0x16a5e20 ptr=0x16a5e25 end=0x16a5e3a len=21
0000: 60 13 02 01 03 04 00 a3 0c 04 0a 44 49 47 45 53 `..........DIGES
0010: 54 2d 4d 44 35 T-MD5
ber_flush2: 26 bytes to sd 3
0000: 30 18 02 01 02 60 13 02 01 03 04 00 a3 0c 04 0a 0....`..........
0010: 44 49 47 45 53 54 2d 4d 44 35 DIGEST-MD5
ldap_write: want=26, written=26
0000: 30 18 02 01 02 60 13 02 01 03 04 00 a3 0c 04 0a 0....`..........
0010: 44 49 47 45 53 54 2d 4d 44 35 DIGEST-MD5
ldap_msgfree
ldap_result ld 0x16993b0 msgid 2
wait4msg ld 0x16993b0 msgid 2 (infinite timeout)
wait4msg continue ld 0x16993b0 msgid 2 all 1
** ld 0x16993b0 Connections:
* host: localhost port: 389 (default)
refcnt: 2 status: Connected
last used: Sat Nov 5 14:10:08 2016
** ld 0x16993b0 Outstanding Requests:
* msgid 2, origid 2, status InProgress
outstanding referrals 0, parent count 0
ld 0x16993b0 request count 1 (abandoned 0)
** ld 0x16993b0 Response Queue:
Empty
ld 0x16993b0 response count 0
ldap_chkResponseList ld 0x16993b0 msgid 2 all 1
ldap_chkResponseList returns ld 0x16993b0 NULL
ldap_int_select
read1msg: ld 0x16993b0 msgid 2 all 1
ber_get_next
ldap_read: want=8, got=8
0000: 30 81 d9 02 01 02 61 81 0.....a.
ldap_read: want=212, got=212
0000: d3 0a 01 0e 04 00 04 1c 53 41 53 4c 28 30 29 3a ........SASL(0):
0010: 20 73 75 63 63 65 73 73 66 75 6c 20 72 65 73 75 successful resu
0020: 6c 74 3a 20 87 81 ad 6e 6f 6e 63 65 3d 22 4f 53 lt: ...nonce="OS
0030: 38 6d 31 32 77 6a 41 62 6d 2b 62 4e 50 67 6a 37 8m12wjAbm+bNPgj7
0040: 2b 48 53 6e 65 36 58 69 41 6f 6f 6a 37 6a 31 6f +HSne6XiAooj7j1o
0050: 41 38 54 49 34 78 58 71 6f 3d 22 2c 72 65 61 6c A8TI4xXqo=",real
0060: 6d 3d 22 6c 6f 63 61 6c 68 6f 73 74 22 2c 71 6f m="localhost",qo
0070: 70 3d 22 61 75 74 68 2c 61 75 74 68 2d 69 6e 74 p="auth,auth-int
0080: 2c 61 75 74 68 2d 63 6f 6e 66 22 2c 63 69 70 68 ,auth-conf",ciph
0090: 65 72 3d 22 72 63 34 2d 34 30 2c 72 63 34 2d 35 er="rc4-40,rc4-5
00a0: 36 2c 72 63 34 22 2c 6d 61 78 62 75 66 3d 36 35 6,rc4",maxbuf=65
00b0: 35 33 36 2c 63 68 61 72 73 65 74 3d 75 74 66 2d 536,charset=utf-
00c0: 38 2c 61 6c 67 6f 72 69 74 68 6d 3d 6d 64 35 2d 8,algorithm=md5-
00d0: 73 65 73 73 sess
ber_get_next: tag 0x30 len 217 contents:
ber_dump: buf=0x16a6f00 ptr=0x16a6f00 end=0x16a6fd9 len=217
0000: 02 01 02 61 81 d3 0a 01 0e 04 00 04 1c 53 41 53 ...a.........SAS
0010: 4c 28 30 29 3a 20 73 75 63 63 65 73 73 66 75 6c L(0): successful
0020: 20 72 65 73 75 6c 74 3a 20 87 81 ad 6e 6f 6e 63 result: ...nonc
0030: 65 3d 22 4f 53 38 6d 31 32 77 6a 41 62 6d 2b 62 e="OS8m12wjAbm+b
0040: 4e 50 67 6a 37 2b 48 53 6e 65 36 58 69 41 6f 6f NPgj7+HSne6XiAoo
0050: 6a 37 6a 31 6f 41 38 54 49 34 78 58 71 6f 3d 22 j7j1oA8TI4xXqo="
0060: 2c 72 65 61 6c 6d 3d 22 6c 6f 63 61 6c 68 6f 73 ,realm="localhos
0070: 74 22 2c 71 6f 70 3d 22 61 75 74 68 2c 61 75 74 t",qop="auth,aut
0080: 68 2d 69 6e 74 2c 61 75 74 68 2d 63 6f 6e 66 22 h-int,auth-conf"
0090: 2c 63 69 70 68 65 72 3d 22 72 63 34 2d 34 30 2c ,cipher="rc4-40,
00a0: 72 63 34 2d 35 36 2c 72 63 34 22 2c 6d 61 78 62 rc4-56,rc4",maxb
00b0: 75 66 3d 36 35 35 33 36 2c 63 68 61 72 73 65 74 uf=65536,charset
00c0: 3d 75 74 66 2d 38 2c 61 6c 67 6f 72 69 74 68 6d =utf-8,algorithm
00d0: 3d 6d 64 35 2d 73 65 73 73 =md5-sess
read1msg: ld 0x16993b0 msgid 2 message type bind
ber_scanf fmt ({eAA) ber:
ber_dump: buf=0x16a6f00 ptr=0x16a6f03 end=0x16a6fd9 len=214
0000: 61 81 d3 0a 01 0e 04 00 04 1c 53 41 53 4c 28 30 a.........SASL(0
0010: 29 3a 20 73 75 63 63 65 73 73 66 75 6c 20 72 65 ): successful re
0020: 73 75 6c 74 3a 20 87 81 ad 6e 6f 6e 63 65 3d 22 sult: ...nonce="
0030: 4f 53 38 6d 31 32 77 6a 41 62 6d 2b 62 4e 50 67 OS8m12wjAbm+bNPg
0040: 6a 37 2b 48 53 6e 65 36 58 69 41 6f 6f 6a 37 6a j7+HSne6XiAooj7j
0050: 31 6f 41 38 54 49 34 78 58 71 6f 3d 22 2c 72 65 1oA8TI4xXqo=",re
0060: 61 6c 6d 3d 22 6c 6f 63 61 6c 68 6f 73 74 22 2c alm="localhost",
0070: 71 6f 70 3d 22 61 75 74 68 2c 61 75 74 68 2d 69 qop="auth,auth-i
0080: 6e 74 2c 61 75 74 68 2d 63 6f 6e 66 22 2c 63 69 nt,auth-conf",ci
0090: 70 68 65 72 3d 22 72 63 34 2d 34 30 2c 72 63 34 pher="rc4-40,rc4
00a0: 2d 35 36 2c 72 63 34 22 2c 6d 61 78 62 75 66 3d -56,rc4",maxbuf=
00b0: 36 35 35 33 36 2c 63 68 61 72 73 65 74 3d 75 74 65536,charset=ut
00c0: 66 2d 38 2c 61 6c 67 6f 72 69 74 68 6d 3d 6d 64 f-8,algorithm=md
00d0: 35 2d 73 65 73 73 5-sess
read1msg: ld 0x16993b0 0 new referrals
read1msg: mark request completed, ld 0x16993b0 msgid 2
request done: ld 0x16993b0 msgid 2
res_errno: 14, res_error: <SASL(0): successful result: >, res_matched: <>
ldap_free_request (origid 2, msgid 2)
ldap_int_sasl_bind: <null>
ldap_parse_sasl_bind_result
ber_scanf fmt ({eAA) ber:
ber_dump: buf=0x16a6f00 ptr=0x16a6f03 end=0x16a6fd9 len=214
0000: 61 81 d3 0a 01 0e 04 00 04 1c 53 41 53 4c 28 30 a.........SASL(0
0010: 29 3a 20 73 75 63 63 65 73 73 66 75 6c 20 72 65 ): successful re
0020: 73 75 6c 74 3a 20 87 81 ad 6e 6f 6e 63 65 3d 22 sult: ...nonce="
0030: 4f 53 38 6d 31 32 77 6a 41 62 6d 2b 62 4e 50 67 OS8m12wjAbm+bNPg
0040: 6a 37 2b 48 53 6e 65 36 58 69 41 6f 6f 6a 37 6a j7+HSne6XiAooj7j
0050: 31 6f 41 38 54 49 34 78 58 71 6f 3d 22 2c 72 65 1oA8TI4xXqo=",re
0060: 61 6c 6d 3d 22 6c 6f 63 61 6c 68 6f 73 74 22 2c alm="localhost",
0070: 71 6f 70 3d 22 61 75 74 68 2c 61 75 74 68 2d 69 qop="auth,auth-i
0080: 6e 74 2c 61 75 74 68 2d 63 6f 6e 66 22 2c 63 69 nt,auth-conf",ci
0090: 70 68 65 72 3d 22 72 63 34 2d 34 30 2c 72 63 34 pher="rc4-40,rc4
00a0: 2d 35 36 2c 72 63 34 22 2c 6d 61 78 62 75 66 3d -56,rc4",maxbuf=
00b0: 36 35 35 33 36 2c 63 68 61 72 73 65 74 3d 75 74 65536,charset=ut
00c0: 66 2d 38 2c 61 6c 67 6f 72 69 74 68 6d 3d 6d 64 f-8,algorithm=md
00d0: 35 2d 73 65 73 73 5-sess
ber_scanf fmt (O) ber:
ber_dump: buf=0x16a6f00 ptr=0x16a6f29 end=0x16a6fd9 len=176
0000: 87 81 ad 6e 6f 6e 63 65 3d 22 4f 53 38 6d 31 32 ...nonce="OS8m12
0010: 77 6a 41 62 6d 2b 62 4e 50 67 6a 37 2b 48 53 6e wjAbm+bNPgj7+HSn
0020: 65 36 58 69 41 6f 6f 6a 37 6a 31 6f 41 38 54 49 e6XiAooj7j1oA8TI
0030: 34 78 58 71 6f 3d 22 2c 72 65 61 6c 6d 3d 22 6c 4xXqo=",realm="l
0040: 6f 63 61 6c 68 6f 73 74 22 2c 71 6f 70 3d 22 61 ocalhost",qop="a
0050: 75 74 68 2c 61 75 74 68 2d 69 6e 74 2c 61 75 74 uth,auth-int,aut
0060: 68 2d 63 6f 6e 66 22 2c 63 69 70 68 65 72 3d 22 h-conf",cipher="
0070: 72 63 34 2d 34 30 2c 72 63 34 2d 35 36 2c 72 63 rc4-40,rc4-56,rc
0080: 34 22 2c 6d 61 78 62 75 66 3d 36 35 35 33 36 2c 4",maxbuf=65536,
0090: 63 68 61 72 73 65 74 3d 75 74 66 2d 38 2c 61 6c charset=utf-8,al
00a0: 67 6f 72 69 74 68 6d 3d 6d 64 35 2d 73 65 73 73 gorithm=md5-sess
ldap_parse_result
ber_scanf fmt ({iAA) ber:
ber_dump: buf=0x16a6f00 ptr=0x16a6f03 end=0x16a6fd9 len=214
0000: 61 81 d3 0a 01 0e 04 00 04 1c 53 41 53 4c 28 30 a.........SASL(0
0010: 29 3a 20 73 75 63 63 65 73 73 66 75 6c 20 72 65 ): successful re
0020: 73 75 6c 74 3a 20 87 81 ad 6e 6f 6e 63 65 3d 22 sult: ...nonce="
0030: 4f 53 38 6d 31 32 77 6a 41 62 6d 2b 62 4e 50 67 OS8m12wjAbm+bNPg
0040: 6a 37 2b 48 53 6e 65 36 58 69 41 6f 6f 6a 37 6a j7+HSne6XiAooj7j
0050: 31 6f 41 38 54 49 34 78 58 71 6f 3d 22 2c 72 65 1oA8TI4xXqo=",re
0060: 61 6c 6d 3d 22 6c 6f 63 61 6c 68 6f 73 74 22 2c alm="localhost",
0070: 71 6f 70 3d 22 61 75 74 68 2c 61 75 74 68 2d 69 qop="auth,auth-i
0080: 6e 74 2c 61 75 74 68 2d 63 6f 6e 66 22 2c 63 69 nt,auth-conf",ci
0090: 70 68 65 72 3d 22 72 63 34 2d 34 30 2c 72 63 34 pher="rc4-40,rc4
00a0: 2d 35 36 2c 72 63 34 22 2c 6d 61 78 62 75 66 3d -56,rc4",maxbuf=
00b0: 36 35 35 33 36 2c 63 68 61 72 73 65 74 3d 75 74 65536,charset=ut
00c0: 66 2d 38 2c 61 6c 67 6f 72 69 74 68 6d 3d 6d 64 f-8,algorithm=md
00d0: 35 2d 73 65 73 73 5-sess
ber_scanf fmt (x) ber:
ber_dump: buf=0x16a6f00 ptr=0x16a6f29 end=0x16a6fd9 len=176
0000: 87 81 ad 6e 6f 6e 63 65 3d 22 4f 53 38 6d 31 32 ...nonce="OS8m12
0010: 77 6a 41 62 6d 2b 62 4e 50 67 6a 37 2b 48 53 6e wjAbm+bNPgj7+HSn
0020: 65 36 58 69 41 6f 6f 6a 37 6a 31 6f 41 38 54 49 e6XiAooj7j1oA8TI
0030: 34 78 58 71 6f 3d 22 2c 72 65 61 6c 6d 3d 22 6c 4xXqo=",realm="l
0040: 6f 63 61 6c 68 6f 73 74 22 2c 71 6f 70 3d 22 61 ocalhost",qop="a
0050: 75 74 68 2c 61 75 74 68 2d 69 6e 74 2c 61 75 74 uth,auth-int,aut
0060: 68 2d 63 6f 6e 66 22 2c 63 69 70 68 65 72 3d 22 h-conf",cipher="
0070: 72 63 34 2d 34 30 2c 72 63 34 2d 35 36 2c 72 63 rc4-40,rc4-56,rc
0080: 34 22 2c 6d 61 78 62 75 66 3d 36 35 35 33 36 2c 4",maxbuf=65536,
0090: 63 68 61 72 73 65 74 3d 75 74 66 2d 38 2c 61 6c charset=utf-8,al
00a0: 67 6f 72 69 74 68 6d 3d 6d 64 35 2d 73 65 73 73 gorithm=md5-sess
ber_scanf fmt (}) ber:
ber_dump: buf=0x16a6f00 ptr=0x16a6fd9 end=0x16a6fd9 len=0
sasl_client_step: 2
Please enter your password:
sasl_client_step: 1
ldap_sasl_bind
ldap_send_initial_request
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_dump: buf=0x16a6ff0 ptr=0x16a6ff0 end=0x16a7127 len=311
0000: 30 82 01 33 02 01 03 60 82 01 2c 02 01 03 04 00 0..3...`..,.....
0010: a3 82 01 23 04 0a 44 49 47 45 53 54 2d 4d 44 35 ...#..DIGEST-MD5
0020: 04 82 01 13 75 73 65 72 6e 61 6d 65 3d 22 6d 61 ....username="ma
0030: 74 74 40 65 78 61 6d 70 6c 65 2e 63 6f 6d 22 2c tt@xxxxxxxxxxx",
0040: 72 65 61 6c 6d 3d 22 6c 6f 63 61 6c 68 6f 73 74 realm="localhost
0050: 22 2c 6e 6f 6e 63 65 3d 22 4f 53 38 6d 31 32 77 ",nonce="OS8m12w
0060: 6a 41 62 6d 2b 62 4e 50 67 6a 37 2b 48 53 6e 65 jAbm+bNPgj7+HSne
0070: 36 58 69 41 6f 6f 6a 37 6a 31 6f 41 38 54 49 34 6XiAooj7j1oA8TI4
0080: 78 58 71 6f 3d 22 2c 63 6e 6f 6e 63 65 3d 22 56 xXqo=",cnonce="V
0090: 53 69 37 74 49 66 2b 48 78 59 5a 35 2b 4e 48 44 Si7tIf+HxYZ5+NHD
00a0: 56 72 6c 6b 51 43 67 34 57 58 66 51 71 51 4c 33 VrlkQCg4WXfQqQL3
00b0: 52 53 36 6d 4c 64 7a 52 4f 34 3d 22 2c 6e 63 3d RS6mLdzRO4=",nc=
00c0: 30 30 30 30 30 30 30 31 2c 71 6f 70 3d 61 75 74 00000001,qop=aut
00d0: 68 2d 63 6f 6e 66 2c 63 69 70 68 65 72 3d 72 63 h-conf,cipher=rc
00e0: 34 2c 6d 61 78 62 75 66 3d 31 36 37 37 37 32 31 4,maxbuf=1677721
00f0: 35 2c 64 69 67 65 73 74 2d 75 72 69 3d 22 6c 64 5,digest-uri="ld
0100: 61 70 2f 6c 6f 63 61 6c 68 6f 73 74 22 2c 72 65 ap/localhost",re
0110: 73 70 6f 6e 73 65 3d 34 34 31 63 33 36 62 65 39 sponse=441c36be9
0120: 63 63 31 34 37 64 39 37 30 65 35 37 34 31 37 35 cc147d970e574175
0130: 65 34 30 36 38 62 33 e4068b3
ber_scanf fmt ({i) ber:
ber_dump: buf=0x16a6ff0 ptr=0x16a6ff7 end=0x16a7127 len=304
0000: 60 82 01 2c 02 01 03 04 00 a3 82 01 23 04 0a 44 `..,........#..D
0010: 49 47 45 53 54 2d 4d 44 35 04 82 01 13 75 73 65 IGEST-MD5....use
0020: 72 6e 61 6d 65 3d 22 6d 61 74 74 40 65 78 61 6d rname="matt@exam
0030: 70 6c 65 2e 63 6f 6d 22 2c 72 65 61 6c 6d 3d 22 ple.com",realm="
0040: 6c 6f 63 61 6c 68 6f 73 74 22 2c 6e 6f 6e 63 65 localhost",nonce
0050: 3d 22 4f 53 38 6d 31 32 77 6a 41 62 6d 2b 62 4e ="OS8m12wjAbm+bN
0060: 50 67 6a 37 2b 48 53 6e 65 36 58 69 41 6f 6f 6a Pgj7+HSne6XiAooj
0070: 37 6a 31 6f 41 38 54 49 34 78 58 71 6f 3d 22 2c 7j1oA8TI4xXqo=",
0080: 63 6e 6f 6e 63 65 3d 22 56 53 69 37 74 49 66 2b cnonce="VSi7tIf+
0090: 48 78 59 5a 35 2b 4e 48 44 56 72 6c 6b 51 43 67 HxYZ5+NHDVrlkQCg
00a0: 34 57 58 66 51 71 51 4c 33 52 53 36 6d 4c 64 7a 4WXfQqQL3RS6mLdz
00b0: 52 4f 34 3d 22 2c 6e 63 3d 30 30 30 30 30 30 30 RO4=",nc=0000000
00c0: 31 2c 71 6f 70 3d 61 75 74 68 2d 63 6f 6e 66 2c 1,qop=auth-conf,
00d0: 63 69 70 68 65 72 3d 72 63 34 2c 6d 61 78 62 75 cipher=rc4,maxbu
00e0: 66 3d 31 36 37 37 37 32 31 35 2c 64 69 67 65 73 f=16777215,diges
00f0: 74 2d 75 72 69 3d 22 6c 64 61 70 2f 6c 6f 63 61 t-uri="ldap/loca
0100: 6c 68 6f 73 74 22 2c 72 65 73 70 6f 6e 73 65 3d lhost",response=
0110: 34 34 31 63 33 36 62 65 39 63 63 31 34 37 64 39 441c36be9cc147d9
0120: 37 30 65 35 37 34 31 37 35 65 34 30 36 38 62 33 70e574175e4068b3
ber_flush2: 311 bytes to sd 3
0000: 30 82 01 33 02 01 03 60 82 01 2c 02 01 03 04 00 0..3...`..,.....
0010: a3 82 01 23 04 0a 44 49 47 45 53 54 2d 4d 44 35 ...#..DIGEST-MD5
0020: 04 82 01 13 75 73 65 72 6e 61 6d 65 3d 22 6d 61 ....username="ma
0030: 74 74 40 65 78 61 6d 70 6c 65 2e 63 6f 6d 22 2c tt@xxxxxxxxxxx",
0040: 72 65 61 6c 6d 3d 22 6c 6f 63 61 6c 68 6f 73 74 realm="localhost
0050: 22 2c 6e 6f 6e 63 65 3d 22 4f 53 38 6d 31 32 77 ",nonce="OS8m12w
0060: 6a 41 62 6d 2b 62 4e 50 67 6a 37 2b 48 53 6e 65 jAbm+bNPgj7+HSne
0070: 36 58 69 41 6f 6f 6a 37 6a 31 6f 41 38 54 49 34 6XiAooj7j1oA8TI4
0080: 78 58 71 6f 3d 22 2c 63 6e 6f 6e 63 65 3d 22 56 xXqo=",cnonce="V
0090: 53 69 37 74 49 66 2b 48 78 59 5a 35 2b 4e 48 44 Si7tIf+HxYZ5+NHD
00a0: 56 72 6c 6b 51 43 67 34 57 58 66 51 71 51 4c 33 VrlkQCg4WXfQqQL3
00b0: 52 53 36 6d 4c 64 7a 52 4f 34 3d 22 2c 6e 63 3d RS6mLdzRO4=",nc=
00c0: 30 30 30 30 30 30 30 31 2c 71 6f 70 3d 61 75 74 00000001,qop=aut
00d0: 68 2d 63 6f 6e 66 2c 63 69 70 68 65 72 3d 72 63 h-conf,cipher=rc
00e0: 34 2c 6d 61 78 62 75 66 3d 31 36 37 37 37 32 31 4,maxbuf=1677721
00f0: 35 2c 64 69 67 65 73 74 2d 75 72 69 3d 22 6c 64 5,digest-uri="ld
0100: 61 70 2f 6c 6f 63 61 6c 68 6f 73 74 22 2c 72 65 ap/localhost",re
0110: 73 70 6f 6e 73 65 3d 34 34 31 63 33 36 62 65 39 sponse=441c36be9
0120: 63 63 31 34 37 64 39 37 30 65 35 37 34 31 37 35 cc147d970e574175
0130: 65 34 30 36 38 62 33 e4068b3
ldap_write: want=311, written=311
0000: 30 82 01 33 02 01 03 60 82 01 2c 02 01 03 04 00 0..3...`..,.....
0010: a3 82 01 23 04 0a 44 49 47 45 53 54 2d 4d 44 35 ...#..DIGEST-MD5
0020: 04 82 01 13 75 73 65 72 6e 61 6d 65 3d 22 6d 61 ....username="ma
0030: 74 74 40 65 78 61 6d 70 6c 65 2e 63 6f 6d 22 2c tt@xxxxxxxxxxx",
0040: 72 65 61 6c 6d 3d 22 6c 6f 63 61 6c 68 6f 73 74 realm="localhost
0050: 22 2c 6e 6f 6e 63 65 3d 22 4f 53 38 6d 31 32 77 ",nonce="OS8m12w
0060: 6a 41 62 6d 2b 62 4e 50 67 6a 37 2b 48 53 6e 65 jAbm+bNPgj7+HSne
0070: 36 58 69 41 6f 6f 6a 37 6a 31 6f 41 38 54 49 34 6XiAooj7j1oA8TI4
0080: 78 58 71 6f 3d 22 2c 63 6e 6f 6e 63 65 3d 22 56 xXqo=",cnonce="V
0090: 53 69 37 74 49 66 2b 48 78 59 5a 35 2b 4e 48 44 Si7tIf+HxYZ5+NHD
00a0: 56 72 6c 6b 51 43 67 34 57 58 66 51 71 51 4c 33 VrlkQCg4WXfQqQL3
00b0: 52 53 36 6d 4c 64 7a 52 4f 34 3d 22 2c 6e 63 3d RS6mLdzRO4=",nc=
00c0: 30 30 30 30 30 30 30 31 2c 71 6f 70 3d 61 75 74 00000001,qop=aut
00d0: 68 2d 63 6f 6e 66 2c 63 69 70 68 65 72 3d 72 63 h-conf,cipher=rc
00e0: 34 2c 6d 61 78 62 75 66 3d 31 36 37 37 37 32 31 4,maxbuf=1677721
00f0: 35 2c 64 69 67 65 73 74 2d 75 72 69 3d 22 6c 64 5,digest-uri="ld
0100: 61 70 2f 6c 6f 63 61 6c 68 6f 73 74 22 2c 72 65 ap/localhost",re
0110: 73 70 6f 6e 73 65 3d 34 34 31 63 33 36 62 65 39 sponse=441c36be9
0120: 63 63 31 34 37 64 39 37 30 65 35 37 34 31 37 35 cc147d970e574175
0130: 65 34 30 36 38 62 33 e4068b3
ldap_msgfree
ldap_result ld 0x16993b0 msgid 3
wait4msg ld 0x16993b0 msgid 3 (infinite timeout)
wait4msg continue ld 0x16993b0 msgid 3 all 1
** ld 0x16993b0 Connections:
* host: localhost port: 389 (default)
refcnt: 2 status: Connected
last used: Sat Nov 5 14:10:16 2016
** ld 0x16993b0 Outstanding Requests:
* msgid 3, origid 3, status InProgress
outstanding referrals 0, parent count 0
ld 0x16993b0 request count 1 (abandoned 0)
** ld 0x16993b0 Response Queue:
Empty
ld 0x16993b0 response count 0
ldap_chkResponseList ld 0x16993b0 msgid 3 all 1
ldap_chkResponseList returns ld 0x16993b0 NULL
ldap_int_select
read1msg: ld 0x16993b0 msgid 3 all 1
ber_get_next
ldap_read: want=8, got=8
0000: 30 4f 02 01 03 61 4a 0a 0O...aJ.
ldap_read: want=73, got=73
0000: 01 50 04 00 04 43 53 41 53 4c 28 2d 31 29 3a 20 .P...CSASL(-1):
0010: 67 65 6e 65 72 69 63 20 66 61 69 6c 75 72 65 3a generic failure:
0020: 20 75 6e 61 62 6c 65 20 74 6f 20 63 61 6e 6f 6e unable to canon
0030: 69 66 79 20 75 73 65 72 20 61 6e 64 20 67 65 74 ify user and get
0040: 20 61 75 78 70 72 6f 70 73 auxprops
ber_get_next: tag 0x30 len 79 contents:
ber_dump: buf=0x16a5e70 ptr=0x16a5e70 end=0x16a5ebf len=79
0000: 02 01 03 61 4a 0a 01 50 04 00 04 43 53 41 53 4c ...aJ..P...CSASL
0010: 28 2d 31 29 3a 20 67 65 6e 65 72 69 63 20 66 61 (-1): generic fa
0020: 69 6c 75 72 65 3a 20 75 6e 61 62 6c 65 20 74 6f ilure: unable to
0030: 20 63 61 6e 6f 6e 69 66 79 20 75 73 65 72 20 61 canonify user a
0040: 6e 64 20 67 65 74 20 61 75 78 70 72 6f 70 73 nd get auxprops
read1msg: ld 0x16993b0 msgid 3 message type bind
ber_scanf fmt ({eAA) ber:
ber_dump: buf=0x16a5e70 ptr=0x16a5e73 end=0x16a5ebf len=76
0000: 61 4a 0a 01 50 04 00 04 43 53 41 53 4c 28 2d 31 aJ..P...CSASL(-1
0010: 29 3a 20 67 65 6e 65 72 69 63 20 66 61 69 6c 75 ): generic failu
0020: 72 65 3a 20 75 6e 61 62 6c 65 20 74 6f 20 63 61 re: unable to ca
0030: 6e 6f 6e 69 66 79 20 75 73 65 72 20 61 6e 64 20 nonify user and
0040: 67 65 74 20 61 75 78 70 72 6f 70 73 get auxprops
read1msg: ld 0x16993b0 0 new referrals
read1msg: mark request completed, ld 0x16993b0 msgid 3
request done: ld 0x16993b0 msgid 3
res_errno: 80, res_error: <SASL(-1): generic failure: unable to canonify user and get auxprops>, res_matched: <>
ldap_free_request (origid 3, msgid 3)
ldap_int_sasl_bind: <null>
ldap_parse_sasl_bind_result
ber_scanf fmt ({eAA) ber:
ber_dump: buf=0x16a5e70 ptr=0x16a5e73 end=0x16a5ebf len=76
0000: 61 4a 0a 01 50 04 00 04 43 53 41 53 4c 28 2d 31 aJ..P...CSASL(-1
0010: 29 3a 20 67 65 6e 65 72 69 63 20 66 61 69 6c 75 ): generic failu
0020: 72 65 3a 20 75 6e 61 62 6c 65 20 74 6f 20 63 61 re: unable to ca
0030: 6e 6f 6e 69 66 79 20 75 73 65 72 20 61 6e 64 20 nonify user and
0040: 67 65 74 20 61 75 78 70 72 6f 70 73 get auxprops
ldap_parse_result
ber_scanf fmt ({iAA) ber:
ber_dump: buf=0x16a5e70 ptr=0x16a5e73 end=0x16a5ebf len=76
0000: 61 4a 0a 01 50 04 00 04 43 53 41 53 4c 28 2d 31 aJ..P...CSASL(-1
0010: 29 3a 20 67 65 6e 65 72 69 63 20 66 61 69 6c 75 ): generic failu
0020: 72 65 3a 20 75 6e 61 62 6c 65 20 74 6f 20 63 61 re: unable to ca
0030: 6e 6f 6e 69 66 79 20 75 73 65 72 20 61 6e 64 20 nonify user and
0040: 67 65 74 20 61 75 78 70 72 6f 70 73 get auxprops
ber_scanf fmt (}) ber:
ber_dump: buf=0x16a5e70 ptr=0x16a5ebf end=0x16a5ebf len=0
ldap_msgfree
ldap_err2string
ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) error (80)
additional info: SASL(-1): generic failure: unable to canonify user and get auxprops
ldap_free_connection 1 1
ldap_send_unbind
ber_flush2: 7 bytes to sd 3
0000: 30 05 02 01 04 42 00 0....B.
ldap_write: want=7, written=7
0000: 30 05 02 01 04 42 00 0....B.
ldap_free_connection: actually freed
---------------------------------------------------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------------------------------------------------
#1
[root@localhost openldap]# sasldblistusers2
matt@xxxxxxxxxxx: userPassword
---------------------------------------------------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------------------------------------------------
#2
[root@localhost openldap]# pluginviewer -a
Installed and properly configured auxprop mechanisms are:
<none>
---------------------------------------------------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------------------------------------------------
#3
[root@localhost openldap]# chown -R openldap:openldap /var/lib/ldap
[root@localhost openldap]# chmod -R 644 /var/lib/ldap
[root@localhost openldap]# ls -la /var/lib/ldap
total 19140
drwSr-Sr--. 2 openldap openldap 4096 Nov 5 14:24 .
drwxr-xr-x. 37 root root 4096 Nov 5 13:31 ..
-rw-r--r--. 1 openldap openldap 2048 Nov 5 14:24 alock
-rw-r--r--. 1 openldap openldap 2326528 Nov 5 14:25 __db.001
-rw-r--r--. 1 openldap openldap 17448960 Nov 5 14:25 __db.002
-rw-r--r--. 1 openldap openldap 1884160 Nov 5 14:25 __db.003
-rw-r--r--. 1 openldap openldap 845 Nov 5 13:31 DB_CONFIG
-rw-r--r--. 1 openldap openldap 8192 Nov 5 13:39 dn2id.bdb
-rw-r--r--. 1 openldap openldap 32768 Nov 5 13:39 id2entry.bdb
-rw-r--r--. 1 openldap openldap 10485760 Nov 5 14:24 log.0000000001
---------------------------------------------------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------------------------------------------------
#4
[root@localhost openldap]# db_dump -p /etc/sasldb2
VERSION=3
format=print
type=hash
db_pagesize=4096
HEADER=END
matt\00example.com\00userPassword
secret
DATA="">---------------------------------------------------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------------------------------------------------
#5
vi /etc/sasl2/slapd.conf
mech_list: DIGEST-MD5
pwcheck_method:saslauthd
sasldb_path: /etc/sasldb2
auxprop_plugin: sasldb
--
best regards
mark gavrilman