On Wed, 24 Aug 2005, Fred Blaise wrote:
On 8/24/05, Etienne Goyer <[EMAIL PROTECTED]> wrote:
Fred Blaise wrote:
I am trying to fix the cyrus SASL authentication against openLDAP, I guess.
When I run that, here is the error:
--------------------------------------------
OX1:~# ldapsearch -D "cn=manager,dc=ilr,dc=lu" -h ldapsmb-pdc.ilr.lu
-b "dc=ilr,dc=lu" "(uid=sp)"
SASL/DIGEST-MD5 authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80)
additional info: SASL(-13): user not found: no secret in database
You would need to use simple bind to authenticate using the userPassword
attribute; try "ldapsearch -W -x -D..." instead. If you worry about
sending password cleartext, consider using SSL/TLS.
I am running TLS.. an ldapsearch -ZZ works fine with the -x simple bind.
However, cyrus -> saslauthd (PAM) -> pam_ldap requires an SASL
authentication on the ldap server, am I right?
If you are going setup sasl in openldap, I suggest you use ldapdb
auxprop module, otherwise you can use built-in ldap support in saslauthd.
--
Igor
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
