[Fedora-directory-users] Mac OS X SASL auth problems

Richard Megginson rmeggins at redhat.com
Mon Nov 20 18:43:17 UTC 2006 

John Call wrote:
> Richard,
>
> thanks so much!  It magically works now.   For what its worth, I took 
> another FDS instance and did the same; remove the /usr/lib/sasl*/*md5* 
> libraries.  With the ns-slapd still running I observed no change to 
> the query of SASL types (ldapsearch -x -H ldap:// -LLL -s "base" -b "" 
> supportedSASLMechanisms).  So I restarted, and FDS still reports MD5.  
> So I wait a few minutes, restart FDS again, no luck ... still reports 
> MD5.  I begin to close all applications and prepare for a reboot, but 
> just before I issue the reboot command I check again.  Viola! no more 
> MD5.  weird...
That's really weird.  It should take effect after a restart.
>
> I'm not sure what magic happened to remove the MD5 SASL auth types.  A 
> simple FDS restart didn't seem to do the trick right off the bat.
Hmm - you might want to run lsof to see what processes have a handle to 
those libraries.
>
> End of story, my Mac's can now auth against my preferred directory 
> server.  something, something, something, happily every after...  THE 
> END!
>
> Thanks again Richard, and everybody else on the list!
> Mahalo nui loa,
> John
>
> On 11/16/06, *Richard Megginson* < rmeggins at redhat.com 
> <mailto:rmeggins at redhat.com>> wrote:
>
>     John Call wrote:
>     > Aloha list,
>     >
>     > I've run up against what Josh Kelley wrote about a few months ago
>     >
>     (http://www.redhat.com/archives/fedora-directory-users/2006-September/msg00063.html
>     > <
>     http://www.redhat.com/archives/fedora-directory-users/2006-September/msg00063.html>)
>     > where Mac OS X clients are not able to authenticate users due to
>     > CRAM-MD5.  Has any progress been made on the feature request /
>     bug he
>     > filed?
>     No, not yet.
>     > (https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=206053
>     > <
>     https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=206053>)  Thus
>     > far I've been unsuccessful at working around the CRAM-MD5 as he
>     > suggested by removing the /usr/lib/sasl2/libcrammd5.so* files.
>     Really?  Did you restart FDS once you removed those files?  Do you see
>     cram-md5 bind attempts in the FDS access log?
>     >
>     > Does anybody have any further insight on how I can get my Macs
>     to auth
>     > against FDS?
>     >
>     > Thanks so much,
>     > Mahalo,
>     > John Call
>     >
>     ------------------------------------------------------------------------
>     >
>     > --
>     > Fedora-directory-users mailing list
>     > Fedora-directory-users at redhat.com
>     <mailto:Fedora-directory-users at redhat.com>
>     > https://www.redhat.com/mailman/listinfo/fedora-directory-users
>     >
>
>
>     --
>     Fedora-directory-users mailing list
>     Fedora-directory-users at redhat.com
>     <mailto:Fedora-directory-users at redhat.com>
>     https://www.redhat.com/mailman/listinfo/fedora-directory-users
>     <https://www.redhat.com/mailman/listinfo/fedora-directory-users>
>
>
>
>
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>   
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20061120/c0bcbcc7/attachment.bin>

More information about the Fedora-directory-users mailing list