Brent Bice <[email protected]> writes: > I've been trying to get Pass-Through authentication to work using a > userPassword attribute of the form {sasl}usern...@realm. At this point > I'm guessing but is there a way to tell slapd what pathspec to use to > talk to saslauthd? (I'm guessing maybe it's using one path but > saslauthd is using a different one for the socket file) > > I've got saslauthd running ok and can authenticate using > testsaslauthd so I'm fairly sure I'm ok there. And I've got openldap > compiled with --enable-spasswd option so it ought to support the SASL > pass-through option, right? > > I ran saslauthd with debugging on so I can see every auth request > and whether it succeeds or fails and I can see it when testsaslauth > connects and succeeds. But when I try to bind to slapd using the DN > whose userPassword is {sasl}bb...@ldap the authentication to slapd > fails and saslauthd doesn't show any authentication attempt at > all. It's as if it's not even trying (or can't find) saslauthd. > > I ran slapd with the -d 255 option and saved the output to a > file. Here's all the lines containing the string sasl: >>>> dnPretty: <cn=SASL> > => ldap_bv2dn(cn=SASL,0) > <= ldap_bv2dn(cn=SASL)=0 > <= ldap_dn2bv(cn=SASL)=0 > <<< dnPretty: <cn=SASL> >>>> dnNormalize: <cn=SASL> > <<< dnNormalize: <cn=sasl> > ldap_sasl_bind_s > ldap_sasl_bind > SASL Canonicalize [conn=1000]: authcid="bb...@ldap" > SASL Canonicalize [conn=1000]: authcid="bb...@ldap" > SASL Canonicalize [conn=1001]: authcid="bb...@ldap" > SASL Canonicalize [conn=1001]: authcid="bb...@ldap" > > So if I'm reading that right, slapd does see that it's supposed to > hand off the authentication to saslauthd and it has picked out the > username and realm. But it doesn't seem to be connecting to or using > saslauthd. > > Any ideas? What am I missing here?
Did you create a lib/sasl2/slapd.conf, or wherever your sasl configuration files are located? -Dieter -- Dieter Klünter | Systemberatung sip: [email protected] http://www.dpunkt.de/buecher/2104.html GPG Key ID:8EF7B6C6
