Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Ubuntu User (http://www.linux-archive.org/ubuntu-user/)
-   -   LDAP+SASL (http://www.linux-archive.org/ubuntu-user/248933-ldap-sasl.html)

Michael Peek 02-19-2009 08:26 PM

LDAP+SASL
 
Hi gurus,

I'm attempting to set up LDAP and I've run into a snag. Linux clients
bind fine without SASL, but a Mac client is trying to bind with it. My
understanding is that this is because slapd is advertising SASL as a
valid authentication mechanism, and so the Macs see that and are running
with it.

I've attempted to set up SASL -- I've created the /etc/sasldb2 with my
directory admin's password:

saslpasswd2 -c <diradmin>
Password: <diradmin's password>
Again (for verification): <diadmin's password>

And I've set up a sasl-regexp:

sasl-regexp uid=(.*),cn=.*,cn=auth
uid=$1,ou=People,dc=nimbios,dc=org

But when I try to bind the client, I get the following in my log file:

slapd[6200]: <= bdb_equality_candidates: (ou) not indexed
slapd[6200]: SASL [conn=9] Failure: no secret in database

So I have two options -- either figure out how to set up SASL properly,
or figure out how to tell slapd to tell the Mac client that SASL is not
one of the valid authentication mechanisms (and then use SSL for
encryption).

Can anyone lend me a hand?

Michael


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users


All times are GMT. The time now is 08:06 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.