> Also, have any idea what is causing the following error?
>
>       unable to get entry point sasl_client_plug_init in /usr/lib/sasl/libsasldb.so:
>       /usr/local/lib/libsasl.so.7: undefined symbol: sasl_client_plug_init

After further investigation, I discovered:

        1. Comment out all references to "pam_ldap.so" in "system-auth" and the
        error messages are not generated upon "login"

        2. The local LDAP server was not started, therefore "pam_ldap.so" had no
        server to authenticate against.

        3. Undo the steps in 1 and authentication works as expected.

Next, "imtest" successfully authenticates accounts known to "sasldb2",
however "imtest" fails if an LDAP account is specified ->

        imapd[1063]: badlogin: localhost[127.0.0.1] DIGEST-MD5 [SASL(-13):
        user not found: no secret in database]

Per the above "badlogin" message, this may be expected "imtest" behavior,
but when authenticating via an email client the following is logged ->

        imapd[1063]: badlogin: mailsrv[x.x.x.] plaintext imapuser SASL(-1):
        generic failure: checkpass failed

The "imap" file in "/etc/pam.d" contains:

        #%PAM-1.0
        auth    sufficient      pam_ldap.so
        auth    required        pam_unix_auth.so
        account sufficient      pam_ldap.so
        account required        pam_unix_acct.so

and... the pwcheck method in "/etc/cyrus.conf" is:

        sasl_pwcheck_method: auxprop

Question: is the "pam_ldap" authentication module deprecated as of SASL V2?

From SASL Archive note: 1559, a patch to perform LDAP authentication via the
auxprop plugin for SASL V2 is suggested. B4 I arbitrarily apply this patch,
can someone please clarify or point me to the doc discussing auxprop, SASL V2
and LDAP?

RB


>> Every plugin that supports a client-side SASL negotiation should export
>> this (which is basically all of the included ones, except for libsasldb).

>> -Rob
