|
Adding the output of pluginviewer : ldapdb is not listed as a one of the auxprop mechanisms : # /usr/sbin/pluginviewer -a Installed and properly configured auxprop mechanisms are: sasldb List of auxprop plugins follows Plugin "sasldb" , API version: 8 supports store: yes and I don’t have a pluginviewer.conf on my system , another conf file I have is :
/etc/sasl2/slapd.conf # cat /etc/sasl2/slapd.conf mech_list: plain pwcheck_method: saslauthd saslauthd_path: /var/run/saslauthd/mux ( this doesn’t look right ) Regards,
From: Cyrus-sasl <cyrus-sasl-bounces+bandaru.v=pg.com@xxxxxxxxxxxxxxxxxxxx>
On Behalf Of Bandaru, Vamsi
CAUTION: This email originated outside P&G. Please exercise caution when opening any links or attachments. Hi all , ( This is my first post here ) ,
I am trying to use Cyrus SASL for SMTP authentication against my organization’s LDAP server . I have two major issues I noticed : The auth.log under /var/log reads : Apr 27 14:57:36 postfix-in-1/submission/smtpd[42282]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: ldapdb Apr 27 14:57:36 postfix-in-1/submission/smtpd[42282]: _sasl_plugin_load failed on sasl_canonuser_init for plugin: ldapdb The message logs read : saslauthd[85790]: detach_tty : could not lock pid file /run/saslauthd/saslauthd.pid: Resource temporarily unavailable saslauthd[85789]: detach_tty : Cannot start saslauthd saslauthd[85789]: detach_tty : Another instance of saslauthd is currently running These are the files , and their locations I am trying to configure . ( am I missing any other files to configure )
My /etc/saslauthd.conf , is configured in the following way : ldap_servers: ldaps://< hostname >:636 ldap_bind_dn: uid=xxx,ou=xx,ou=xx,o=xx ldap_bind_pw: xxxx ldap_version: 3 ldap_auth_method: bind ldap_search_base: ou=xx,ou=ss,o=xx ldap_scope: sub ldap_filter: ShortName=%U *********************************************************************** The /etc/sasl2/smtpd.conf is configured as : pwcheck_method: auxprop auxprop_plugin: ldapdb mech_list: PLAIN LOGIN NTLM CRAM-MD5 DIGEST-MD5 **************************************************************** #ldapdb_mech: LOGIN ( I am not sure if this parameter should be configured under smtpd.conf or under saslauthd.conf ) Output of : saslauthd -a ldap -O /etc/saslauthd.conf # saslauthd -a ldap -O /etc/saslauthd.conf saslauthd[91048] :detach_tty : Cannot start saslauthd saslauthd[91048] :detach_tty : Another instance of saslauthd is currently running
SASL related configuration under postfix / main.cf file . smtpd_sasl_auth_enable = yes smtpd_sasl_type = cyrus smtpd_sasl_path = /run/saslauthd/mux #smtpd_sasl_path = /usr/lib64/sasl2 smtpd_sasl_security_options = noanonymous smtpd_tls_auth_only = yes smtpd_sasl_tls_security_options = noanonymous ******************************************************************************* Could someone please help me if these are the only two files that requires configuration to get SASL working ?
And if I have got their configuration right . And these are the packages I currently installed on my RHEL 7 system : cyrus-sasl-2.1.26-23.el7.x86_64 cyrus-sasl-devel-2.1.26-23.el7.x86_64 cyrus-sasl-ldap-2.1.26-23.el7.x86_64 cyrus-sasl-md5-2.1.26-23.el7.x86_64 cyrus-sasl-ntlm-2.1.26-23.el7.x86_64 cyrus-sasl-plain-2.1.26-23.el7.x86_64 cyrus-sasl-lib-2.1.26-23.el7.x86_64 Any help / suggests are greatly appreciated . Thanks and regards, Vamsi. |
