Hello All,
I've installed the cyrus-sasl-md5-2.1.22-5.el5_4.3.x86_64.rpm package.
*Logs:*
/root>pluginviewer
Installed SASL (server side) mechanisms are:
*CRAM-MD5 ANONYMOUS DIGEST-MD5 PLAIN LOGIN EXTERNAL*
......
**
/u01/app/openldap/product/2.4.26/etc/openldap>ldapsearch -x -b "" -s base
-LLL supportedSASLMechanisms
dn:
*supportedSASLMechanisms: CRAM-MD5
supportedSASLMechanisms: DIGEST-MD5**
*
and again started with SASL process (tried several times) but everytime...
got an error:
*Steps i followed:*
1> saslpasswd2 -c sasluser3
2> sasldblistusers2
3> Stop LDAP
4> edit slapd.conf and add following lines:
password-hash {CLEARTEXT}
sasl-regexp uid=(.*),cn=DIGEST-MD5,cn=auth uid=$1,ou=System,o=xyz
5> Start LDAP
6> Add account from ldif:
add_sasl_accnt3.ldif
----------------------------
# TEST Account for SASL:
dn: uid=sasluser3,ou=System,o=xyz
uid: sasluser3
ou: System
description: Special account for SASL Testing
userPassword: sasluser3
objectClass: account
objectClass: simpleSecurityObject
7> ldapadd -x -D cn=Manager,o=xyz -W -f add_sasl_accnt3.ldif
8> *ldapsearch -Y DIGEST-MD5 -U sasluser3 -b 'o=xyz'*
Or
*ldapsearch -U sasluser5 -b 'o=xyz'*
But evrytime got error as:
SASL/DIGEST-MD5 authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Invalid credentials (49)
additional info: SASL(-13): user not found: no secret in database
Thks a lot for helping me.
Regards,
Gaurav Gugnani
On Thu, Feb 2, 2012 at 11:13 PM, Gaurav Gugnani <[email protected]>wrote:
> Hello,
>
> Thks for helping me out. Yes, the package is missing.
>
> The O/P of plugin viewer:
> /u01/app/openldap/product/2.4.26/etc/openldap>pluginviewer
> Installed SASL (server side) mechanisms are:
> ANONYMOUS PLAIN LOGIN EXTERNAL
>
> And clearly it is not displaying any MD5 SASL mechanism.
>
> Now, i'll try to install package and will try my steps.
>
> Once again thks a lot for helping.
>
> Regards,
> Gaurav Gugnani
>
> On Thu, Feb 2, 2012 at 9:03 PM, Dan White <[email protected]> wrote:
>
>> On 02/02/12 16:24 +0530, Gaurav Gugnani wrote:
>>
>>> Hello,
>>>
>>> I too suppose that my package is missing for cyrus-sasl DIGEST MD5.
>>>
>>> I'm working on linux 86_64 machine and want to implement DIGEST MD5
>>> mechanism.
>>>
>>> Following packages are installed:
>>> /u01/app/openldap/product/2.4.**26/etc/openldap>rpm -qa | grep
>>> cyrus-sasl
>>> cyrus-sasl-devel-2.1.22-5.el5_**4.3
>>> cyrus-sasl-plain-2.1.22-5.el5_**4.3
>>> cyrus-sasl-lib-2.1.22-5.el5_4.**3
>>> cyrus-sasl-devel-2.1.22-5.el5_**4.3
>>> cyrus-sasl-lib-2.1.22-5.el5_4.**3
>>> cyrus-sasl-plain-2.1.22-5.el5_**4.3
>>> cyrus-sasl-2.1.22-5.el5_4.3
>>>
>>
>> Use pluginviewer (or possibly saslpluginviewer) to verify that digest-md5
>> is installed. If not, you'll need to find out which package you need from
>> your distribution's support.
>>
>> Once installed, and verified using pluginviewer, verify that slapd is
>> offering the mechanism with:
>>
>> ldapsearch -x -H ldap://ldap.example.net -s "base"
>> "supportedSASLMechanisms"
>>
>> Please suggest, if package is missing or will the DIGEST MD% mechanism
>>> works with this cyrus-sasl modules.
>>>
>>> Thanks for your help.
>>>
>>> Regards,
>>> Gaurav Gugnani
>>>
>>>
>>> On Thu, Feb 2, 2012 at 4:03 PM, Raffael Sahli <[email protected]>*
>>> *wrote:
>>>
>>> On 02/02/2012 10:40 AM, Gaurav Gugnani wrote:
>>>>
>>>> Hello All,
>>>>
>>>> After some more research into it and reading some more links:
>>>>
>>>> http://www.linuxtopia.org/**online_books/network_**
>>>> administration_guides/ldap_**administration/sasl_SASL_**
>>>> Authentication.html<http://www.linuxtopia.org/online_books/network_administration_guides/ldap_administration/sasl_SASL_Authentication.html>
>>>> http://tldp.org/HOWTO/LDAP-**HOWTO/sasl.html<http://tldp.org/HOWTO/LDAP-HOWTO/sasl.html>
>>>>
>>>> I did some more steps like-
>>>> *Step-1:*
>>>>
>>>> In the file slapd.conf i add following lines:
>>>> password-hash {CLEARTEXT}
>>>> sasl-regexp uid=(.*),cn=DIGEST-MD5,cn=auth uid=$1,ou=System,o=db
>>>>
>>>> And perform ldapsearch in different way:
>>>> ldapsearch -Y DIGEST-MD5 -U sasluser2 -b 'o=db'
>>>>
>>>> But again got error as:
>>>> ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
>>>> additional info: SASL(-4): no mechanism available: No worthy
>>>> mechs
>>>> found
>>>>
>>>> Did you installed the sasl modules? (On debian the package name is
>>>> libsasl2-modules )
>>>>
>>>>
>>>> Please help in getting out of this issue.
>>>>
>>>> Thanks and Regards,
>>>> Gaurav Gugnani
>>>>
>>>>
>>>>
>>>> --
>>>> Raffael [email protected]
>>>>
>>>>
>>>>
>> --
>> Dan White
>>
>
>
