Hi all
I got work sasl authentication to access ldap server by correcting two things:
1.- inserting the proxyuser's userpassword in clear text (userPassord=secret)
2.- fixing the proxyuser's authzTo atributte to
authzTo: ldap:///ou=people,dc=plainjoe,dc=org??sub?(objectClass=account)
(results at the end of this mail)
As far as it can be seen, there's no need for cyrus-sasl for these matter
but my final purpose is to enable Cyrus-sasl with openldap as
backend to authenticate users for cyrus-imapd and postfix services.
Any hints would be appreciated.
Thanks to all for your support
Fernando
firewall:~ # ldapwhoami -U proxyuser -X u:test -Y digest-md5
SASL/DIGEST-MD5 authentication started
Please enter your password:
SASL username: u:test
SASL SSF: 128
SASL data security layer installed.
dn:uid=test,ou=people,dc=plainjoe,dc=org
firewall:~ # ldapsearch -Y digest-md5 -U proxyuser -b 'dc=plainjoe,dc=org' '(objectclass=*)'
SASL/DIGEST-MD5 authentication started
Please enter your password:
SASL username: proxyuser
SASL SSF: 128
SASL data security layer installed.
# extended LDIF
#
# LDAPv3
# base <dc=plainjoe,dc=org> with scope subtree
# filter: (objectclass=*)