On 8/24/05, Igor Brezac <[EMAIL PROTECTED]> wrote: > > On Wed, 24 Aug 2005, Fred Blaise wrote: > > > On 8/24/05, Etienne Goyer <[EMAIL PROTECTED]> wrote: > >> Fred Blaise wrote: > >>> I am trying to fix the cyrus SASL authentication against openLDAP, I > >>> guess. > >>> > >>> When I run that, here is the error: > >>> -------------------------------------------- > >>> OX1:~# ldapsearch -D "cn=manager,dc=ilr,dc=lu" -h ldapsmb-pdc.ilr.lu > >>> -b "dc=ilr,dc=lu" "(uid=sp)" > >>> SASL/DIGEST-MD5 authentication started > >>> Please enter your password: > >>> ldap_sasl_interactive_bind_s: Internal (implementation specific) error > >>> (80) > >>> additional info: SASL(-13): user not found: no secret in database > >> > >> You would need to use simple bind to authenticate using the userPassword > >> attribute; try "ldapsearch -W -x -D..." instead. If you worry about > >> sending password cleartext, consider using SSL/TLS. > > I am running TLS.. an ldapsearch -ZZ works fine with the -x simple bind. > > However, cyrus -> saslauthd (PAM) -> pam_ldap requires an SASL > > authentication on the ldap server, am I right? > > If you are going setup sasl in openldap, I suggest you use ldapdb > auxprop module, otherwise you can use built-in ldap support in saslauthd. I have used the saslauthd -a ldap method, and it works like a charm :)
Thanks a lot. > > -- > Igor fred > ---- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
