RE: upgrade from Cyrus 2.1.15 to cyrus 2.2.3 breaks LDAP auxpropauthentication.
Here is the "nohup slapd -d 255" file. and the entries from auth.log when running "imtest -a cyrus -u cyrus -m login devel" Feb 11 20:48:13 devel slapd[2927]: auxpropfunc error -7 Feb 11 20:48:13 devel slapd[2927]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: ldapdb Feb 11 20:48:20 devel imap[2922]: DIGEST-MD5 client step 2 Feb 11 20:48:20 devel imap[2922]: DIGEST-MD5 client step 2 Feb 11 20:48:20 devel imap[2922]: bad userid authenticated There is no step 1 in there.. How odd.. On Wed, 2004-02-11 at 19:58, Howard Chu wrote: > > -Original Message- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] Behalf Of Edward Rudd > > > OK I patched my OpenLDAP and recompiled, installed restarted postfix, > > cyrus imapd, and started up ldap. And it still retuns "user not found" > > when I try to login to cyrus imap. But the auth.log now shows > > something different.. > > --- auth.log --- > > Feb 11 19:19:46 devel imtest: DIGEST-MD5 client step 2 > > Feb 11 19:19:53 devel imtest: DIGEST-MD5 client step 2 > > Feb 11 19:19:53 devel imap[2282]: DIGEST-MD5 server step 2 > > Feb 11 19:19:53 devel imap[2282]: DIGEST-MD5 client step 2 > > Feb 11 19:19:53 devel imap[2282]: DIGEST-MD5 client step 2 > > Feb 11 19:19:53 devel imap[2282]: bad userid authenticated > > Feb 11 19:19:53 devel imap[2282]: no secret in database > > > > What happened to step 1? > > > And my ldap.log shows this (loglevel 255) > > --- ldap.log --- > > Feb 11 19:19:53 devel slapd[2053]: daemon: read activity on 12 > > Feb 11 19:19:53 devel slapd[2053]: connection_get(12) > > Feb 11 19:19:53 devel slapd[2053]: connection_get(12): got connid=5 > > Feb 11 19:19:53 devel slapd[2053]: connection_read(12): checking for > > input on id=5 > > OpenLDAP's syslog output is not useful for debugging; it's mainly for > reporting normal operational status. You need to run slapd in debug mode and > save the output from stderr when you actually want to chase a bug. > > In this case, both your auth.log and your ldap.log indicate that a SASL Bind > has been performed in an improper sequence (i.e., step 1 doesn't appear in > the log, and it seems that some other request has been made before the SASL > Bind properly completed.). To see exactly what happened, you'll need the > debug trace from slapd. > > -- Howard Chu > Chief Architect, Symas Corp. Director, Highland Sun > http://www.symas.com http://highlandsun.com/hyc > Symas: Premier OpenSource Development and Support > -- Edward Rudd <[EMAIL PROTECTED]> Website http://outoforder.cc/ ldaplog.gz Description: GNU Zip compressed data
RE: upgrade from Cyrus 2.1.15 to cyrus 2.2.3 breaks LDAP auxpropauthentication.
Step one is there just before the imtest: DIGEST-MD5 client step 2.. forgot to copy it in there.. On Wed, 2004-02-11 at 19:58, Howard Chu wrote: > > -Original Message- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] Behalf Of Edward Rudd > > > OK I patched my OpenLDAP and recompiled, installed restarted postfix, > > cyrus imapd, and started up ldap. And it still retuns "user not found" > > when I try to login to cyrus imap. But the auth.log now shows > > something different.. > > --- auth.log --- > > Feb 11 19:19:46 devel imtest: DIGEST-MD5 client step 2 > > Feb 11 19:19:53 devel imtest: DIGEST-MD5 client step 2 > > Feb 11 19:19:53 devel imap[2282]: DIGEST-MD5 server step 2 > > Feb 11 19:19:53 devel imap[2282]: DIGEST-MD5 client step 2 > > Feb 11 19:19:53 devel imap[2282]: DIGEST-MD5 client step 2 > > Feb 11 19:19:53 devel imap[2282]: bad userid authenticated > > Feb 11 19:19:53 devel imap[2282]: no secret in database > > > > What happened to step 1? > > > And my ldap.log shows this (loglevel 255) > > --- ldap.log --- > > Feb 11 19:19:53 devel slapd[2053]: daemon: read activity on 12 > > Feb 11 19:19:53 devel slapd[2053]: connection_get(12) > > Feb 11 19:19:53 devel slapd[2053]: connection_get(12): got connid=5 > > Feb 11 19:19:53 devel slapd[2053]: connection_read(12): checking for > > input on id=5 > > OpenLDAP's syslog output is not useful for debugging; it's mainly for > reporting normal operational status. You need to run slapd in debug mode and > save the output from stderr when you actually want to chase a bug. > > In this case, both your auth.log and your ldap.log indicate that a SASL Bind > has been performed in an improper sequence (i.e., step 1 doesn't appear in > the log, and it seems that some other request has been made before the SASL > Bind properly completed.). To see exactly what happened, you'll need the > debug trace from slapd. > > -- Howard Chu > Chief Architect, Symas Corp. Director, Highland Sun > http://www.symas.com http://highlandsun.com/hyc > Symas: Premier OpenSource Development and Support > -- Edward Rudd <[EMAIL PROTECTED]> Website http://outoforder.cc/ --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
RE: upgrade from Cyrus 2.1.15 to cyrus 2.2.3 breaks LDAP auxpropauthentication.
> -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Edward Rudd > OK I patched my OpenLDAP and recompiled, installed restarted postfix, > cyrus imapd, and started up ldap. And it still retuns "user not found" > when I try to login to cyrus imap. But the auth.log now shows > something different.. > --- auth.log --- > Feb 11 19:19:46 devel imtest: DIGEST-MD5 client step 2 > Feb 11 19:19:53 devel imtest: DIGEST-MD5 client step 2 > Feb 11 19:19:53 devel imap[2282]: DIGEST-MD5 server step 2 > Feb 11 19:19:53 devel imap[2282]: DIGEST-MD5 client step 2 > Feb 11 19:19:53 devel imap[2282]: DIGEST-MD5 client step 2 > Feb 11 19:19:53 devel imap[2282]: bad userid authenticated > Feb 11 19:19:53 devel imap[2282]: no secret in database > What happened to step 1? > And my ldap.log shows this (loglevel 255) > --- ldap.log --- > Feb 11 19:19:53 devel slapd[2053]: daemon: read activity on 12 > Feb 11 19:19:53 devel slapd[2053]: connection_get(12) > Feb 11 19:19:53 devel slapd[2053]: connection_get(12): got connid=5 > Feb 11 19:19:53 devel slapd[2053]: connection_read(12): checking for > input on id=5 OpenLDAP's syslog output is not useful for debugging; it's mainly for reporting normal operational status. You need to run slapd in debug mode and save the output from stderr when you actually want to chase a bug. In this case, both your auth.log and your ldap.log indicate that a SASL Bind has been performed in an improper sequence (i.e., step 1 doesn't appear in the log, and it seems that some other request has been made before the SASL Bind properly completed.). To see exactly what happened, you'll need the debug trace from slapd. -- Howard Chu Chief Architect, Symas Corp. Director, Highland Sun http://www.symas.com http://highlandsun.com/hyc Symas: Premier OpenSource Development and Support --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
