Hello
How do I configure slapd.conf? I am trying to set up SASL authentication on a running slapd, but ldap always crashes with "slapd in free(): error: junk pointer, too high to make sense", or crashes on this line in the source code file saslauthz.c: Debug(LDAP_DEBUG_TRACE,'==>slap_sasl_authorized can %s become %s')
I am running ./slapd -d -1 on the first console.
On the other console I am running ldapsearch -I:
SASL/CRAM-MD5 authentication started
SASL Interaction
Please enter your authentication name: test
Please enter your password: **** <enter>
ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
and ldapd on the first console:
dnNormalize: <uid=test,dc=example,dc=com>
=> ldap_bv2dn(uid=test,dc=example,dc=com,0)
<= ldap_bv2dn(uid=test,dc=example,dc=com)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=test,dc=example,dc=com)=0
<<< dnNormalize: <uid=test,dc=example,dc=com>
<==slap_sasl2dn: Converted SASL name to uid=test,dc=example,dc=com
slap_sasl_getdn: dn:id converted to uid=test,dc=example,dc=com
SASL Canonicalize [conn=0]: slapAuthcDN="uid=test,dc=example,dc=com"
SASL proxy authorize [conn=0]: authcid="test" authzid="test"
<== slap_sasl_authorized: return 48
SASL proxy authorize after_5a [conn=0]:
SASL Proxy Authorize [conn=0]: proxy authorization disallowed (48)
SASL [conn=0] Failure: not authorized
slapd in free(): error: junk pointer, too high to make sense
My installed versions are:
- OpenLDAP: slapd 2.3.31
- SASL cyrus-sasl-2.1.21 <- this library is OK, I have Postfix running with SASL
- unixODBC-2.2.11
- MyODBC-3.51.11
- FreeBSD 5.X

OpenLDAP works normally without TLS and SASL auth, but if I activate SASL and enter a bad password when I log in to ldap, it is OK; the crash always happens when I enter the correct user and password when I log in.
please help me.....
------------------ my slapd.conf:
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org

pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
loglevel -1

#allow bind_anon_cred
#defaultaccess none
#readonly off

TLSCertificateFile /tmp/ldap.crt
TLSCertificateKeyFile /tmp/ldap.key
TLSCACertificateFile /tmp/ca.crt
TLSCipherSuit HIGH

authzTo: uid=[^,]*,dc=example,dc=com
authz-regexp uid=([^,]*),cn=[^,]*,cn=auth uid=$1,dc=example,dc=com

#######################################################################
# sql database definitions
#######################################################################
database sql
suffix "dc=example,dc=com"
rootdn "cn=test,dc=example,dc=com"
#rootpw secret
dbname ldap
dbuser ldap
dbpasswd ldap
subtree_cond "ldap_entries.dn LIKE CONCAT('%',?)"
insentry_stmt "INSERT INTO ldap_entries (dn,oc_map_id,parent,keyval) VALUES (?,?,?,?)"
has_ldapinfo_dn_ru no

access to attrs=userPassword by * auth