On 11/06/16 20:05 +0300, mark gavrilman via Cyrus-sasl wrote:
[root@example openldap]# ldapsearch -LLL -U matt@xxxxxxxxxxx -v '(uid=matt@xxxxxxxxxxx)' uid -d -1
res_errno: 80, res_error: <SASL(-1): generic failure: unable to canonify user and get auxprops>, res_matched: <>
additional info: SASL(-1): generic failure: unable to canonify user and get auxprops
[root@localhost openldap]# sasldblistusers2
matt@xxxxxxxxxxx: userPassword

[root@localhost openldap]# pluginviewer -a
Installed and properly configured auxprop mechanisms are:
<none>

[root@localhost openldap]# db_dump -p /etc/sasldb2
VERSION=3
format=print
type=hash
db_pagesize=4096
HEADER=END
 matt\00example.com\00userPassword
 secret
DATA=END

#5 vi /etc/sasl2/slapd.conf
mech_list: DIGEST-MD5
pwcheck_method:saslauthd
sasldb_path: /etc/sasldb2
auxprop_plugin: sasldb
You'll also need to configure olcSaslAuxprops/sasl-auxprops within your slapd configuration, as OpenLDAP ignores auxprop_plugin in your (sasl) slapd.conf above. See manpages slapd-conf/slapd.conf.

-- 
Dan White
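A consistency check for the point made in the reply above, added here as an example (not code from the thread, OpenLDAP or Cyrus SASL): it flags a SASL slapd.conf that names an auxprop_plugin while slapd's own configuration sets no matching sasl-auxprops/olcSaslAuxprops. The function names and the sample slapd configurations are constructed for illustration; the SASL settings are the ones quoted in the thread.

```python
import re

def parse_sasl_conf(text):
    """Parse a Cyrus SASL 'key: value' application config into a dict."""
    opts = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition(":")
        if sep:
            opts[key.strip().lower()] = value.strip()
    return opts

def slapd_auxprops(text):
    """Plugins set via sasl-auxprops (slapd.conf) or olcSaslAuxprops (cn=config LDIF)."""
    found = []
    for line in text.splitlines():
        m = re.match(r"\s*(?:sasl-auxprops\s+|olcSaslAuxprops:\s*)(\S.*)", line, re.I)
        if m:  # commented-out lines start with '#' and never match
            found.extend(m.group(1).split())
    return found

def check(sasl_conf_text, slapd_conf_text):
    """Return findings where the two configurations disagree about auxprop plugins."""
    wanted = parse_sasl_conf(sasl_conf_text).get("auxprop_plugin", "").split()
    active = slapd_auxprops(slapd_conf_text)
    if wanted and not active:
        return [f"auxprop_plugin '{' '.join(wanted)}' is set only in the SASL config; "
                "slapd has no sasl-auxprops/olcSaslAuxprops, so it is not used"]
    if wanted and set(wanted) != set(active):
        return [f"SASL config asks for {wanted} but slapd is configured with {active}"]
    return []

# SASL settings as quoted in the thread (/etc/sasl2/slapd.conf).
SASL_CONF = """mech_list: DIGEST-MD5
pwcheck_method:saslauthd
sasldb_path: /etc/sasldb2
auxprop_plugin: sasldb
"""
# Constructed slapd configurations: one without the directive, two with it.
SLAPD_MISSING = "# sasl-auxprops sasldb\nsasl-realm example.com\n"
SLAPD_CONF_OK = "sasl-realm example.com\nsasl-auxprops sasldb\n"
SLAPD_LDIF_OK = "dn: cn=config\nolcSaslAuxprops: sasldb\n"

if __name__ == "__main__":
    for name, cfg in [("missing", SLAPD_MISSING), ("slapd.conf", SLAPD_CONF_OK),
                      ("cn=config", SLAPD_LDIF_OK)]:
        print(name, check(SASL_CONF, cfg) or "consistent")
```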