Hii List,

I have openldap-2.4.7 configured with openssl  which was working fine till date.
Now I have installed Cyrus-SASL-2.2.21 without any problems.
I have rebuilt our openldap-2.4.7 as
 
[root@as3 libexec]# env LD_LIBRARY_PATH="/usr/local/BerkeleyDB.4.6/lib:/usr/loc
al/lib/sasl2:/usr/local/ssl/lib" CPPFLAGS="-I/usr/local/BerkeleyDB.4.6/include
-I/usr/local/ssl/include -I/usr/local/include" LDFLAGS="-L/usr/local/ssl/lib -L
/usr/local/BerkeleyDB.4.6/lib -L/usr/local/lib/sasl2 -R/usr/local/lib -R/usr/lo
cal/lib/sasl2 -R/usr/local/Berkeley.DB.4.6 -R/usr/local/ssl/lib" LIBS=-ldl ./co
nfigure --with-tls=openssl --with-cyrus-sasl

Every thing went fine.

We would like to use SASL/GSSAPI mechanism(we have working kerberos)
I have added the following lines to my slapd.conf file:


authz-regexp

 uid=([^,]*),cn=bsnl.com,cn=gssapi,cn=auth
 uid=$1,ou=people,dc=bsnl,dc=com

I have given a space before uid lines... Is it correct?
I have written the lines specified in the admin guide for testing..
{ Also  anyone please tell me from where can I get more info about authz-regexp directive and the values it can take....}

Now when i start slapd as:
slapd -d127 -h "ldaps:///"

ps -ef|grep slapd is showing

root      3912  7442  0 18:40 pts/2    00:00:00 slapd -d127 -h ldaps:///
root      3919  3516  0 18:44 pts/4    00:00:00 grep slapd

and part of debug info regarding slapd start is:
daemon: new connection on 12
daemon: added 12r
daemon: activity on:
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: select: listen=7 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: activity on: 12r
daemon: read activity on 12
connection_get(12)
connection_get(12): got connid=1
connection_read(12): checking for input on id=1
TLS trace: SSL_accept:before/accept initialization
tls_read: want=11, got=0

TLS: can't accept.
connection_read(12): TLS accept error error=-1 id=1, closing
connection_closing: readying conn=1 sd=12 for close
connection_close: conn=1 sd=12
daemon: removing 12
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: select: listen=7 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: select: listen=7 active_threads=0 tvp=NULL

Till date there was no problem with SSL-LDAP combination and it started giving trouble after SASL support was added
I have created principal for slapd as specified in the guide.
Also created one slapd.conf file  for use with saslauthd daemon.It has:
pwcheck_method: saslauthd
saslauthd_path: /var/run/saslauthd/mux
mech_list: plain login ntlm kerberos5
~
~
I dont know where to start for making the entire combination to work....
Please help me to get this sorted ...
I shall be gratefule for every response
Thanx in advance...

Regards,
Padma.
=====-----=====-----=====
Notice: The information contained in this e-mail
message and/or attachments to it may contain 
confidential or privileged information. If you are 
not the intended recipient, any dissemination, use, 
review, distribution, printing or copying of the 
information contained in this e-mail message 
and/or attachments to it are strictly prohibited. If 
you have received this communication in error, 
please notify us by reply e-mail or telephone and 
immediately and permanently delete the message 
and any attachments. Thank you