On Wed, 2012-01-25 at 17:16 -0500, Dan White wrote:
Verify (with netstat) that saslauthd is listening on '/var/run/sasl2/mux',
and verify the user/group that slapd is running under has permissions to
access /var/run/sasl2.
The permissions on /var/run/saslauthd look fine to me -- when I run
On 01/26/12 11:43 -0800, Chastity Blackwell wrote:
On Wed, 2012-01-25 at 17:16 -0500, Dan White wrote:
Verify (with netstat) that saslauthd is listening on '/var/run/sasl2/mux',
and verify the user/group that slapd is running under has permissions to
access /var/run/sasl2.
The permissions on
On Thu, 2012-01-26 at 15:23 -0500, Dan White wrote:
That indicates a mistake in your /etc/sasl2/slapd.conf, which should have:
saslauthd_path: /var/run/saslauthd/mux
not /var/run/sasl2/mux
Well, now I just feel like an idiot. :) That did move things along a
bit, though now I'm getting this
On 26.01.2012 22:53, Chastity Blackwell wrote:
On Thu, 2012-01-26 at 15:23 -0500, Dan White wrote:
That indicates a mistake in your /etc/sasl2/slapd.conf, which should have:
saslauthd_path: /var/run/saslauthd/mux
not /var/run/sasl2/mux
Well, now I just feel like an idiot. :) That did move
Raffael Sahli wrote:
On 26.01.2012 22:53, Chastity Blackwell wrote:
On Thu, 2012-01-26 at 15:23 -0500, Dan White wrote:
That indicates a mistake in your /etc/sasl2/slapd.conf, which should have:
saslauthd_path: /var/run/saslauthd/mux
not /var/run/sasl2/mux
Well, now I just feel like an
Hi
I did an upgrade of two ldap server (master/slave) from 2.4.21 to 2.4.28
two days ago.
And today, the master crashed, if I do an ldapsearch:
root@ldap-master001 /]#--- ldapsearch -ZZ -hlocalhost -d-1
ldap_create
ldap_url_parse_ext(ldap://localhost)
ldap_extended_operation_s
On Thu, 2012-01-26 at 17:38 -0500, Howard Chu wrote:
Raffael Sahli wrote:
No, authz-regexp is to map a sasl dn to a real user account in your ldap
directory.
But your user is c...@test.com with a realm named test.com, your
userPassword should be {SASL}chas@KRBTEST
What the heck are
On 01/25/12 12:14 -0800, Chastity Blackwell wrote:
I've made a lot of progress, but I've run into a wall. Kerberos and LDAP
are working in my testbed, and I can kinit and do an ldapwhoami no
problem. testsaslauthd also gives me a success when I run it. However,
What does your testsaslauthd
Chastity Blackwell wrote:
On Thu, 2012-01-26 at 17:38 -0500, Howard Chu wrote:
Raffael Sahli wrote:
No, authz-regexp is to map a sasl dn to a real user account in your ldap
directory.
But your user is c...@test.com with a realm named test.com, your
userPassword should be {SASL}chas@KRBTEST
--On Friday, January 27, 2012 12:07 AM +0100 Raffael Sahli
pub...@raffaelsahli.com wrote:
Hi
I did an upgrade of two ldap server (master/slave) from 2.4.21 to 2.4.28
two days ago.
And today, the master crashed, if I do an ldapsearch:
Has someone similar problems, or can somone helps me?
On Thu, 2012-01-26 at 18:40 -0500, Howard Chu wrote:
Does kinit work for your chas@KRBTEST user? Judging from what you've pasted
here, I don't think it should. Get your basic Kerberos installation working
first. Take things one step at a time.
It does:
[chas@ldapsandbox log]$ ldapwhoami
Woops. I should point out that this:
[domain_realm]
.agkn.net = KRBTEST
agkn.net = KRBTEST
should be this, to match my other examples:
[domain_realm]
.test.com = KRBTEST
test.com = KRBTEST
Bit of a sanitization fail there. :)
On Thu, 2012-01-26 at 18:17 -0500, Dan White wrote:
What does your testsaslauthd command look like? Are you passing a '-u
u...@example.com', or a '-r example.com', or both?
[chas@ldapsandbox ~]$ /usr/sbin/testsaslauthd -u chas -p test -s ldap
0: OK Success.
What is your default kerberos
Chastity Blackwell wrote:
On Thu, 2012-01-26 at 18:40 -0500, Howard Chu wrote:
Does kinit work for your chas@KRBTEST user? Judging from what you've pasted
here, I don't think it should. Get your basic Kerberos installation working
first. Take things one step at a time.
It does:
On Thu, 2012-01-26 at 19:27 -0500, Howard Chu wrote:
Seems like it's working for the wrong reasons, then. Your krb5.conf:
[realms]
AKTEST = {
kdc = ldapsandbox.test.com:88
admin_server = ldapsandbox.test.com:749
default_domain = test.com
You defined a kdc for an AKTEST realm;
15 matches
Mail list logo