Karen R McArthur wrote:
Okay, it's Friday and I'm brain-dead. I have openLDAP+SASL+Kerberos
up, configured and running with all passwords stored in our kerberos
database. I can run queries via simple/anonymous binds,
simple/anonymous binds overSSL/TLS, kerberos tickets, and kerberos
tickets with SSL/TLS. Where I'm running into problems is a simple
user bind
What version of OpenLDAP, and did you configure it with
--enable-spasswd? Did you configure slapd to use saslauthd, and is
saslauthd running with the Kerberos mechanism enabled? Seems like this
should be in the FAQ by now.
.
See the following:
ldapsearch -x -D "uid=dumbUser,ou=People,dc=example,dc=com" -W -b ""
-s base -LLL -H ldaps://server.example.com/ supportedSASLMechanisms
Enter LDAP Password:
ldap_bind: Invalid credentials (49)
A user LDAP record looks like this:
dn: uid=dumbUser,ou=People,dc=example,dc=com
userPassword: [EMAIL PROTECTED]
You may ask "Why would I want to do this?" Well, I have a few clients
that can't do SASL binds.
Any ideas where to look?
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/
