--On Thursday, July 14, 2022 10:13 AM +0200 Stéphane Veyret sveyret@gmail.com wrote:
Le lun. 11 juil. 2022 à 17:22, Quanah Gibson-Mount quanah@fast-mail.org a écrit :
Do the logs from saslauthd show that LDAP is actually forwarding the requests to it?
No, I have nothing at saslauthd side, except the starting logs : # saslauthd -d -a kerberos5 saslauthd[31345] :num_procs : 5 saslauthd[31345] :mech_option: NULL saslauthd[31345] :run_path : /run/saslauthd saslauthd[31345] :auth_mech : kerberos5 saslauthd[31345] :using accept lock file: /run/saslauthd/mux.accept saslauthd[31345] :master pid is: 0 saslauthd[31345] :listening on socket: /run/saslauthd/mux saslauthd[31345] :using process model saslauthd[31345] :forked child: 31346 saslauthd[31346] :acquired accept lock saslauthd[31345] :forked child: 31347 saslauthd[31345] :forked child: 31348 saslauthd[31345] :forked child: 31349
Ok, you may need to run slapd under debug mode (-1) and then try binding as one of the users with userPassword set to the {SASL}username@realm value to see what it's doing.
Regards, Quanah