RE: authentication failure through LDAP

Esteban . Prospero Mon, 16 Jul 2001 06:32:09 -0700



>       > authlib/authinfo
>       >> AUTHENTICATION_MODULES="authdaemon"
>       >> AUTHDAEMONMODULELIST="authldap"
>       >> SASL_AUTHENTICATION_MODULES="PLAIN LOGIN"
>       > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>       >  
>       > Is it necessary to have SASL authentication installed for
> sqwebmail to work
>       > with openldap? 
> 
>       This has nothing to do with sqwebmail.  There's a bunch of code in
> authlib 
>       that sqwebmail does not use. 
> 
>       > Anyone has a hint?
>       >  
>       > Here is more info:
>       >  
>       > tests:
>       > ===
>       >> authlib/authtest [EMAIL PROTECTED] vdeop
>       >> Temporary authentication failure from module authdaemon
>       >> Authentication FAILED! 
>       >> 
>       >> authlib/authtest -s webmail [EMAIL PROTECTED] vdeop
>       >> Temporary authentication failure from module authdaemon
>       >> Authentication FAILED! 
>       >> 
>       > authldaprc file:
>       > ==========
>       >> LDAP_SERVER             129.214.184.185
>       >> LDAP_PORT                    389
>       >> LDAP_BASEDN
> o=QMail,o=ISPTotalSuite,dc=siemens,dc=com,dc=ar
>       >> LDAP_BINDDN             cn=Manager,dc=siemens,dc=com,dc=ar
>       >> LDAP_BINDPW             secret
>       >> LDAP_MAIL                    mail
>       >> LDAP_HOMEDIR            mailMessageStore
>       >> LDAP_CRYPTPW            userPassword 
>       >> 
>       > authdaemonrc file:
>       > =============
>       >> authmodulelist="authldap"
>       >> version="authdaemond.ldap" 
>       >> 
>       > THANKS IN ADVANCE!!
> 
                >And what does ps(1) show, regarding the authdaemond
process? 

>       ps -ef | grep auth
>       --------------------------------
> 
>       root 19267 19265  0   Jul 13 ?        0:00
> /usr/local/libexec/authlib/authdaemond.ldap start
>       root 10766 20230  0 15:55:21 pts/1    0:00 grep auth
>       root 19266 19265  0   Jul 13 ?        0:00
> /usr/local/libexec/authlib/authdaemond.ldap start
>       root 19268 19265  0   Jul 13 ?        0:00
> /usr/local/libexec/authlib/authdaemond.ldap start
>       root 19269 19265  0   Jul 13 ?        0:00
> /usr/local/libexec/authlib/authdaemond.ldap start
>       root 19265     1  0   Jul 13 ?        0:00
> /usr/local/libexec/authlib/authdaemond.ldap start
>       root 19270 19265  0   Jul 13 ?        0:00
> /usr/local/libexec/authlib/authdaemond.ldap start
> 
                > And what do you see in your syslog? 

>       /var/adm/messages
>       -------------------------------
> 
>       Jul 16 16:02:08 atg-ispsuite authdaemond.lda[19266]: authlib: refuse
> to authenticate [EMAIL PROTECTED]: uid=0, gid=0 
> 
                The latter message is only logged when an authentication
test including the domain in the address is performed (such as
"[EMAIL PROTECTED]"); when I test "vdeop" authentication fails, but no
message is logged. 
                In the authldaprc file I've added:

                LDAP_GLOB_UID   11184 
                LDAP_GLOB_GID   2110

                which are the uid/gid of the user vmail, the owner of the
directories tree of the maildirs.

                At the moment, we're going throug authdaemond.ldap.c to see
why this message is logged...


                Thanks!
                Esteban
RE: authentication failure through LDAP

Reply via email to
