[Fedora-directory-users] How to make anonymous SASL work?

devel - Fashion Content devel at fashioncontent.com
Mon Sep 18 17:19:29 UTC 2006


I have the mailserver and the directory on the same server.

I have installed the OpenLDAP client & libs and Cyrus SASL.
Fedora DS ldapsearch is not on the path.
The Fedora DS now stores userPasswords as plaintext.

saslauthd is run with: MECH=ldap, FLAGS=-c

saslauthd.conf:

ldap_servers: ldap://127.0.0.1
ldap_search_base: ou=People,dc=fashioncontent,dc=com
ldap_bind_dn: cn=Directory Manager,dc=fashioncontent,dc=com
ldap_bind_pw: secret

ldap_filter: (&(objectClass=inetorgperson)(uid=%u))
ldap_use_sasl: no
ldap_auth_method: bind
ldap_version: 3
ldap_debug: 3
ldap_verbose: on
log_level: 255


OpenLDAP ldapsearch: Shows userPassword results hashed, but otherwise shows the users I look up
OpenLDAP ldapsearch userPassword=secret: Success
Fedora ldapsearch: Fails to find anything
testsaslauthd -u devel -p secret: Fails to find anything, error code 32, I think

I haven't figured out how to make saslauthd report the LDAP queries, so I
know very little of what happens, and the Fedora logs don't appear to help
much more.

Henrik 



