Re: DIGEST-MD5 returns 'user not found'

2007-04-03 Thread Howard Chu
[EMAIL PROTECTED] wrote: Thanks, Howard; I think I'm beginning to understand this. So, the AUTHENTICATION piece is done by SASL using digest_md5, an 'external' connection to TLS, etc. But the AUTHORIZATION piece is handled by the rules defined in the access control policy section of slapd.conf,

RE: DIGEST-MD5 returns 'user not found'

2007-04-03 Thread lemons_terry
ght? Thanks tl -Original Message- From: Howard Chu [mailto:[EMAIL PROTECTED] Sent: Monday, April 02, 2007 3:36 PM To: Lemons, Terry Cc: [EMAIL PROTECTED]; openldap-software@openldap.org Subject: Re: DIGEST-MD5 returns 'user not found' [EMAIL PROTECTED] wrote: > Hi Howard >

Re: DIGEST-MD5 returns 'user not found'

2007-04-02 Thread Howard Chu
[EMAIL PROTECTED] wrote: Hi Howard The SASL library tries all available information sources. If there was a "root" user record in your sasldb2 file it would have been used. Since your sasldblistusers2 output shows "[EMAIL PROTECTED]" I'd say you have the wrong realm info in your database, as

RE: DIGEST-MD5 returns 'user not found'

2007-04-02 Thread lemons_terry
Hi Howard >The SASL library tries all available information sources. If there was a >"root" user record in your sasldb2 file it would have been used. Since >your sasldblistusers2 output shows "[EMAIL PROTECTED]" I'd say you have the >wrong realm info in your database, as that doesn't match eith

RE: DIGEST-MD5 returns 'user not found'

2007-04-02 Thread Quanah Gibson-Mount
--On Monday, April 02, 2007 2:25 PM -0400 [EMAIL PROTECTED] wrote: Thanks for the reply It is used as far as sasldb2 is populated as appropriate; please refer to Cyrus SASL documentation for instructions about populating it. Do you mean http://www.sendmail.org/~ca/email/cyrus/sysadmin.htm

Re: DIGEST-MD5 returns 'user not found'

2007-04-02 Thread Howard Chu
as that doesn't match either "root" or "[EMAIL PROTECTED]". Thanks tl -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chapman, Kyle Sent: Monday, April 02, 2007 11:42 AM To: openldap-software@openldap.org Subject: RE: DIGEST-MD5

RE: DIGEST-MD5 returns 'user not found'

2007-04-02 Thread lemons_terry
Thanks for the reply >It is used as far as sasldb2 is populated as appropriate; please refer >to Cyrus SASL documentation for instructions about populating it. Do you mean http://www.sendmail.org/~ca/email/cyrus/sysadmin.html? I've crawled around the CMU web site, and have Google'd , and haven

Re: DIGEST-MD5 returns 'user not found'

2007-04-02 Thread Pierangelo Masarati
[EMAIL PROTECTED] wrote: > Thanks, as ever, for the help, Kyle. > > I started slapd in debug mode. When I executed the command you > suggested, I see: > > ldap_err2string <= ldap_dn2bv(uid=root,cn=digest-md5,cn=auth)=0 > Success <<< dnNormalize: > ==>slap_sasl2dn: converting SASL name uid=root

RE: DIGEST-MD5 returns 'user not found'

2007-04-02 Thread lemons_terry
nal Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chapman, Kyle Sent: Monday, April 02, 2007 11:42 AM To: openldap-software@openldap.org Subject: RE: DIGEST-MD5 returns 'user not found' Does: Ldapsearch -y digest-md5 -U root -R tivo2 -W Show anything diff. I hav

RE: DIGEST-MD5 returns 'user not found'

2007-04-02 Thread Chapman, Kyle
Does: Ldapsearch -y digest-md5 -U root -R tivo2 -W Show anything diff. I havent used sasldb2 stuff in a while, however with digestmd5 when secrets are stored in the ldap dit, had to be clear text. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL