I'd be willing to consider a problem with my ntlogon configuration, if it were not for the fact that ntlogon works fine as soon as I turn off SASL.
Tue Feb 05 09:06:11 2008 [notice] ntlogon: user 'user', realm 'domain.com' logged in Tue Feb 05 09:06:11 2008 [notice] [252] SASL authentication succeeded: mechanism=PLAIN; [EMAIL PROTECTED] Tue Feb 05 09:06:11 2008 [notice] [252] bound: [EMAIL PROTECTED]/[EMAIL PROTECTED] Tue Feb 05 09:06:11 2008 [notice] [252] [192.168.4.66, port=2837] disconnect [EMAIL PROTECTED]/[EMAIL PROTECTED], packets: 1 At this point I am not using TLS with SASL. TLS on a separate port works. For now, I am just trying to get SASL to work without TLS. As you can see, the authentication is working, however, the client is disconnected immediately after. Here is Coccinella's log: SEND: <?xml version='1.0' encoding='UTF-8'?><stream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' xml:lang='en' to='chatter.domain.com' version='1.0'> RECV: <?xml version='1.0'?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client' from='chatter.domain.com' version='1.0' id='5zwasdfly7hlpvgcmb1wasf1231sdf86iqq8cuwd'> RECV: <stream:features xmlns:stream='http://etherx.jabber.org/streams'><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><mechanism>PLAIN</mechanism></mechanisms><auth xmlns='http://jabber.org/features/iq-auth'/></stream:features> SEND: <auth xmlns='urn:ietf:params:xml:ns:xmpp-sasl' mechanism='PLAIN'>dG9asdfAaWVtLWNvbXAafdasr12ALmNvbQB0b255ZQBmYXRmYXRmYXQ=</auth> RECV: <success xmlns='urn:ietf:params:xml:ns:xmpp-sasl'/> SEND: <stream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' to='chatter.domain.com' xml:lang='en' version='1.0'> RECV: <?xml version='1.0'?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client' from='chatter.domain.com' version='1.0' id='112312bd7ntk7ybes7d2rxmfzvojktsadfasrx0c'> RECV: <stream:features xmlns:stream='http://etherx.jabber.org/streams'><bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'><required/></bind><unbind xmlns='urn:ietf:params:xml:ns:xmpp-bind'/><session xmlns='urn:ietf:params:xml:ns:xmpp-session'/></stream:features> SEND: <iq type='set' id='1007'><bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'><resource>[EMAIL PROTECTED]</resource></bind></iq> RECV: <stream:error xmlns:stream='http://etherx.jabber.org/streams'><internal-server-error xmlns='urn:ietf:params:xml:ns:xmpp-streams'/><text xmlns='urn:ietf:params:xml:ns:xmpp-streams'>internal server error</text></stream:error></stream:stream> SEND: </stream:stream> On Feb 5, 2008 2:57 AM, Adam Strzelecki <[EMAIL PROTECTED]> wrote: > Hi, > > > Yeah, they both have plain only, forgot to mention that. > > Then I don't really have a clue what's going on. I'm running other > server with SASL, TLS and ntlogon and everything rock&rolls. > > Do you have anything like in c2s.log: > > Tue Feb 05 11:52:44 2008 [notice] [264] [XX.XX.XX.XX, port=61371] > > connect > > Tue Feb 05 11:52:48 2008 [notice] ntlogon: user 'ono', realm > > 'mydomain.com' logged in > > Tue Feb 05 11:52:48 2008 [notice] [264] SASL authentication > > succeeded: mechanism=PLAIN; [EMAIL PROTECTED], TLS negotiated > > Tue Feb 05 11:52:48 2008 [notice] [264] bound: [EMAIL PROTECTED]/macono > > If not, what is the last message for your connection in the logs and > which's missing. Maybe your ntlogon (realm) is invalid, and auth > fails? It must be your ADS domain or hostname. > > > Cheers, > -- > Adam Strzelecki |: nanoant.com :| > >
