I'm trying to use saslauthd to test "auth plain" and "auth login" 
authentication against our LDAP data store using the "MECH=ldap" configuration.


When saslauthd tries to bind with the credentials, it is only sending 7 
characters of the password. I've validated this by using Wireshark to examine 
the sasl communications. The ldap search for the user is successful and 
saslauthd is finding the correct user and binding as desired. But the auth 
fails, obviously, because only 7 characters of the actual (9-character) 
password are sent.


If I use the "MECH=pam" and authenticate against a valid user (also with a 
password that is 9 characters) on the local server, the authentication is 
successful.


I'm running this on RHEL 7.5 with cyrus-sasl* packages that are version 
"2.1.26-23.el7.x86_64", i.e.:

cyrus-sasl-plain-2.1.26-23.el7.x86_64
cyrus-sasl-2.1.26-23.el7.x86_64
cyrus-sasl-gssapi-2.1.26-23.el7.x86_64
cyrus-sasl-lib-2.1.26-23.el7.x86_64

I've attached my smtp.conf,  saslauthd and saslauthd.conf files (with passwords 
redacted).

Is there a configuration I'm missing or have I found a bug?  Any suggestions as 
to how to get around this problem?


--

Robert G. Werner

Systems Administrator

University of California Merced,  Office of Information Technology

rwern...@ucmerced.edu | it.ucmerced.edu (https://it.ucmerced.edu/) | 209.201.4368

ldap_bind_dn: <user>
ldap_bind_pw: <password>
ldap_servers: ldap://lplds.ucmerced.edu
ldap_search_base: dc=ucmerced,dc=edu
ldap_filter: uid=%U
ldap_version: 3
log_level: 7
log_level: 7
pwcheck_method: saslauthd
mech_list: plain login

Attachment: saslauthd
Description: saslauthd
