On Thursday, 9 September 2010 08:12:11 Wouter van Marle wrote:
On Wed, 2010-09-08 at 23:40 -0700, Howard Chu wrote:
Wouter van Marle wrote:
On Wed, 2010-09-08 at 21:34 -0500, Dan White wrote:
On 09/09/10 10:21 +0800, Wouter van Marle wrote:
That requires pass-through authentication.
Wouter van Marle wrote:
On Wed, 2010-09-08 at 21:34 -0500, Dan White wrote:
On 09/09/10 10:21 +0800, Wouter van Marle wrote:
That requires pass-through authentication.
I see.
Well with the above instructions nothing seems to have changed.
I have restarted saslauthd and slapd after making the
On Wed, 2010-09-08 at 23:40 -0700, Howard Chu wrote:
Wouter van Marle wrote:
On Wed, 2010-09-08 at 21:34 -0500, Dan White wrote:
On 09/09/10 10:21 +0800, Wouter van Marle wrote:
That requires pass-through authentication.
I see.
Well with the above instructions nothing seems to have
Wouter van Marle wou...@squirrel-systems.com writes:
On Wed, 2010-09-08 at 23:40 -0700, Howard Chu wrote:
Wouter van Marle wrote:
On Wed, 2010-09-08 at 21:34 -0500, Dan White wrote:
On 09/09/10 10:21 +0800, Wouter van Marle wrote:
That requires pass-through authentication.
I see.
On Thu, 2010-09-09 at 10:43 +0200, Dieter Kluenter wrote:
Wouter van Marle wou...@squirrel-systems.com writes:
On Wed, 2010-09-08 at 23:40 -0700, Howard Chu wrote:
Wouter van Marle wrote:
On Wed, 2010-09-08 at 21:34 -0500, Dan White wrote:
On 09/09/10 10:21 +0800, Wouter van Marle
On 09/09/10 12:47 +0800, Wouter van Marle wrote:
Adding user `openldap' to group `sasl' ...
Adding user openldap to group sasl
Done.
(Did you restart slapd?)
The issue is that the /var/run/saslauthd directory, where the
saslauthd unix socket is located, is only accessible by group 'sasl'
On 9 Sep 10, at 21:47, Dan White wrote:
On 09/09/10 12:47 +0800, Wouter van Marle wrote:
Adding user `openldap' to group `sasl' ...
Adding user openldap to group sasl
Done.
(Did you restart slapd?)
I don't remember... restarted it many times in the process :) I'm not
used to need to
--On Thursday, September 09, 2010 5:13 PM +0800 Wouter van Marle
wou...@squirrel-systems.com wrote:
Kerberos is the authentication system, it's specialised in that. At
least that's what I learned about it. I have set it up in order to have
a single sign-on, a single password for all services
You are directing your unhappiness at the wrong place, as Howard already
noted. As someone who set up a large OpenLDAP directory service that only
allows SASL/GSSAPI connections, the issue is not OpenLDAP. The problem is
client software that, even though SASL has been a standard for many,
On 09/09/10 19:41 +0200, Dieter Kluenter wrote:
Wouter van Marle wou...@squirrel-systems.com writes:
On 9 Sep 10, at 21:47, Dan White wrote:
On 09/09/10 12:47 +0800, Wouter van Marle wrote:
[...]
Most important difference is that pam is not mentioned here. But then
from other mails I
Quanah, I know that in the past you, Howard and others have contributed
pieces of software to other LDAP-enabled software to enable SASL auth.
I had myself some bad experience in contributing things to software
maintainers that did not even understand the need or the importance of
what I
Dear list,
First of all thank you for all the comments on this problem.
It seems currently the ldap implementation of evolution is blamed, which
is something I can not agree with.
At this moment, I can connect to my ldap server from Evolution,
authenticated. I have to enter a username and a
Dan White dwh...@olp.net writes:
On 09/09/10 20:05 -0700, Russ Allbery wrote:
If you are using Kerberos, you should never have to enter your username
and password into anything that isn't kinit or your initial
authentication to your system. If you do, that something is broken and
is not
On Thu, 2010-09-09 at 23:02 -0500, Dan White wrote:
On 09/09/10 20:05 -0700, Russ Allbery wrote:
Wouter van Marle wou...@squirrel-systems.com writes:
At this moment, I can connect to my ldap server from Evolution,
authenticated. I have to enter a username and a password in my evo
settings,
Dan White wrote:
On 09/09/10 20:05 -0700, Russ Allbery wrote:
Wouter van Marlewou...@squirrel-systems.com writes:
At this moment, I can connect to my ldap server from Evolution,
authenticated. I have to enter a username and a password in my evo
settings, which one way or another is
On 09/09/10 21:25 -0700, Howard Chu wrote:
Dan White wrote:
On 09/09/10 20:05 -0700, Russ Allbery wrote:
Wouter van Marlewou...@squirrel-systems.com writes:
At this moment, I can connect to my ldap server from Evolution,
authenticated. I have to enter a username and a password in my evo
On 08/09/10 22:53 +0800, Wouter van Marle wrote:
Hi group,
I have been fighting the whole day already for something that I think
is quite simple but I just can't get it to work: have slapd
authenticate users against kerberos. Following many tutorials, trying
many things, I give up on that
On 08/09/10 12:15 -0500, Dan White wrote:
To have slapd use saslauthd for authentication, you'll need to create the
file /usr/lib/sasl2/slapd.conf, with these contents:
pwcheck_method: saslauthd
mech_list: plain login
and optionally
keytab: /etc/krb5.keytab (which is the standard location)
To have slapd use saslauthd for authentication, you'll need to create the
file /usr/lib/sasl2/slapd.conf, with these contents:
pwcheck_method: saslauthd
mech_list: plain login
and optionally
keytab: /etc/krb5.keytab (which is the standard location)
Check. As per a previous trial I
Also see:
http://www.cyrusimap.org/mediawiki/index.php/FAQ#Cyrus_SASL_Questions
I followed those steps, finding out that the client didn't have the sasl
gssapi module installed (apparently necessary?! I guessed the
authentication is done by slapd on the server?).
All other tests mentioned
On 09/09/10 10:21 +0800, Wouter van Marle wrote:
That requires pass-through authentication.
I see.
Well with the above instructions nothing seems to have changed.
I have restarted saslauthd and slapd after making the changes, and when
now accessing the ldap addressbook using Evolution, I still
On 09/09/10 12:17 +0800, Wouter van Marle wrote:
Anyway I have changed my userPassword field (using GQ) to
{sasl}wou...@squirrel
It still doesn't work of course.
Also not when I set it to {SASL}wouter
In syslog I found the following error related to my attempt to open the
address book in
On Wed, 2010-09-08 at 23:38 -0500, Dan White wrote:
On 09/09/10 12:17 +0800, Wouter van Marle wrote:
Anyway I have changed my userPassword field (using GQ) to
{sasl}wou...@squirrel
It still doesn't work of course.
Also not when I set it to {SASL}wouter
In syslog I found the following error
23 matches
Mail list logo