Hi all

    I got work  sasl authentication to access ldap server by correcting two things:
1.- inserting the proxyuser's userpassword in clear text  (userPassord=secret)
2.- fixing the proxyuser's authzTo atributte to
     authzTo: ldap:///ou=people,dc=plainjoe,dc=org??sub?(objectClass=account)
     (results at the end of this mail)

    As far as it can be seen, there's no need for cyrus-sasl for these matter

     but my final purpose is to enable Cyrus-sasl with openldap as backend to authenticate users for cyrus-imapd and postfix services.
     Any hints would be appreciated.

Thanks to all for your support

   Fernando



firewall:~ # ldapwhoami -U proxyuser -X u:test -Y digest-md5
SASL/DIGEST-MD5 authentication started
Please enter your password:
SASL username: u:test
SASL SSF: 128
SASL data security layer installed.
dn:uid=test,ou=people,dc=plainjoe,dc=org


firewall:~ # ldapsearch -Y digest-md5 -U proxyuser -b 'dc=plainjoe,dc=org' '(objectclass=*)'
SASL/DIGEST-MD5 authentication started
Please enter your password:
SASL username: proxyuser
SASL SSF: 128
SASL data security layer installed.
# extended LDIF
#
# LDAPv3
# base <dc=plainjoe,dc=org> with scope subtree
# filter: (objectclass=*)