[KLUG Members] saslauthd and LDAP

Adam Tauno Williams members@kalamazoolinux.org
Thu, 5 Feb 2004 15:19:14 -0500


> How do I test that saslauthd is working with LDAP? testsaslauthd(8)? 

That should work.

> It won't authenticate:
> grimace:12:01 PM:~# testsaslauthd -u peter -p A_SECRET
> 0: NO "authentication failed"
> grimace:12:02 PM:~# tail /var/log/auth.log
> Feb  5 12:02:05 grimace saslauthd[3066]: Entry not found or more than one
> entries found ((uid=peter)).
> Feb  5 12:02:05 grimace saslauthd[3066]: do_auth: auth failure: [user=peter]
> [service=imap] [realm=] [mech=ldap] [reason=Unknown]

But ldapsearch uid=peter does find something?  

"((uid=peter))" is a pretty scant filter BTW, you should see something like
"(&(objectclass=posixAccount)(uid=peter))".  ALL queries should have an
objectclass qualifier.

> Does testsaslauthd work without an IMAP server installed?

Yes; there is no real correlation between Cyrus IMAP & Cyrus SASL; imapd is
just the most prominent application to use SASL.  You can even make OpenLDAP
rely on saslauthd to verify bind attempts.
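
Added example, not part of the original message: a small Python model of why the logged failure can occur even when the user exists, and how an objectclass qualifier in saslauthd's ldap_filter template (with %u standing for the login name) narrows the search to one entry. The directory entries, DNs and function names are constructed for illustration, and the matcher handles only AND-ed equality terms.

```python
import re

# Constructed sample entries (not from the original post): two entries
# share uid=peter, but only one of them is a posixAccount.
DIRECTORY = [
    {"dn": "uid=peter,ou=People,dc=example,dc=org",
     "objectClass": ["account", "posixAccount"], "uid": ["peter"]},
    {"dn": "uid=peter,ou=Contacts,dc=example,dc=org",
     "objectClass": ["inetOrgPerson"], "uid": ["peter"]},
    {"dn": "uid=mary,ou=People,dc=example,dc=org",
     "objectClass": ["account", "posixAccount"], "uid": ["mary"]},
]

TERM = re.compile(r"\(([A-Za-z][\w-]*)=([^()]*)\)")


def expand(template, user):
    """Substitute the login name for %u in a filter template."""
    return template.replace("%u", user)


def search(ldap_filter, entries=DIRECTORY):
    """Return DNs matching a filter made only of AND-ed equality terms."""
    terms = TERM.findall(ldap_filter)
    if not terms or re.search(r"\([|!]", ldap_filter):
        raise ValueError("unsupported filter: " + ldap_filter)
    hits = []
    for entry in entries:
        # Attribute names and these values compare case-insensitively.
        attrs = {k.lower(): [v.lower() for v in vals]
                 for k, vals in entry.items() if k != "dn"}
        if all(val.lower() in attrs.get(attr.lower(), [])
               for attr, val in terms):
            hits.append(entry["dn"])
    return hits


def diagnose(template, user):
    """A password check is only possible when exactly one entry matches."""
    hits = search(expand(template, user))
    if len(hits) == 1:
        return "unique: " + hits[0]
    return "not found or more than one entry (%d matches)" % len(hits)


if __name__ == "__main__":
    for tmpl in ("(uid=%u)", "(&(objectClass=posixAccount)(uid=%u))"):
        print(tmpl, "->", diagnose(tmpl, "peter"))
```

Against a live directory the equivalent check is an ldapsearch with the expanded filter, counting the entries returned.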