On Wed, 2010-09-08 at 23:38 -0500, Dan White wrote:
On 09/09/10 12:17 +0800, Wouter van Marle wrote:
Anyway I have changed my userPassword field (using GQ) to {SASL}wouter@SQUIRREL It still doesn't work of course. Also not when I set it to {SASL}wouter
In syslog I found the following error related to my attempt to open the address book in evolution:

Sep 9 12:15:32 acorn slapd[15925]: conn=14 op=43 SEARCH RESULT tag=101 err=0 nentries=59 text=
Sep 9 12:15:39 acorn slapd[15925]: conn=135 fd=54 ACCEPT from IP=192.168.2.4:39863 (IP=0.0.0.0:389)
Sep 9 12:15:39 acorn slapd[15925]: conn=135 op=0 BIND dn="uid=wouter,ou=People,dc=squirrel" method=128
Sep 9 12:15:39 acorn slapd[15925]: SASL [conn=135] Failure: cannot connect to saslauthd server: Permission denied
Sep 9 12:15:39 acorn slapd[15925]: conn=135 op=0 RESULT tag=97 err=49 text=

So there is something in saslauthd that does not accept connections from slapd. Now the big question is why? As I have no idea where to start searching for this.
Wouter.
You're close.
On Debian/Ubuntu, do:
adduser openldap sasl
# adduser openldap sasl
Adding user `openldap' to group `sasl' ...
Adding user openldap to group sasl
Done.
The issue is that the /var/run/saslauthd directory, where the saslauthd unix socket is located, is only accessible by group 'sasl' (and root).
True:
drwx--x--- 2 root sasl 4096 2010-09-09 10:14 saslauthd
Still the same permission denied error message in syslog!
Wouter.
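
Added example, not part of the thread: a Python sketch of the check behind the "Permission denied" above, applying the owner/group/other rule to the drwx--x--- root:sasl directory from the listing with the group IDs a running process actually holds (read from /proc/<pid>/status, which can differ from the group database until the process is restarted). The numeric uid/gid values, the socket entry and its mode, and the status excerpts are constructed; ACLs and mandatory access control are not modelled.

```python
import stat

def allowed(mode, owner_uid, owner_gid, uid, gids, want):
    """Classic Unix rule: exactly one of owner/group/other applies, first match wins."""
    if uid == owner_uid:
        bits = (mode >> 6) & 7
    elif owner_gid in gids:
        bits = (mode >> 3) & 7
    else:
        bits = mode & 7
    return bits & want == want

def process_gids(status_text):
    """Effective gid plus supplementary groups, parsed from /proc/<pid>/status text."""
    gids = set()
    for line in status_text.splitlines():
        key, _, value = line.partition(":")
        if key == "Gid":
            gids.add(int(value.split()[1]))  # fields: real, effective, saved, fs
        elif key == "Groups":
            gids.update(int(g) for g in value.split())
    return gids

def first_denied(path, uid, gids):
    """Return the first path entry the identity cannot pass, or None if all allow it.
    Directories need search (x); connecting to a Unix socket on Linux needs write (w)."""
    for name, mode, owner_uid, owner_gid in path:
        want = 0o2 if stat.S_ISSOCK(mode) else 0o1
        if not allowed(mode, owner_uid, owner_gid, uid, gids, want):
            return name
    return None

# Constructed values: gid 45 stands for 'sasl', uid 105 / gid 110 for 'openldap'.
SASL_GID, LDAP_UID = 45, 105
PATH = [
    ("/var/run/saslauthd", 0o040710, 0, SASL_GID),  # drwx--x--- root sasl (from the listing)
    ("socket", 0o140777, 0, 0),                     # constructed socket entry and mode
]
# Constructed /proc/<pid>/status excerpts: a process started before and after the group change.
STARTED_BEFORE = "Name:\tslapd\nUid:\t105\t105\t105\t105\nGid:\t110\t110\t110\t110\nGroups:\t110\n"
STARTED_AFTER = "Name:\tslapd\nUid:\t105\t105\t105\t105\nGid:\t110\t110\t110\t110\nGroups:\t45 110\n"

if __name__ == "__main__":
    for label, status in (("before", STARTED_BEFORE), ("after", STARTED_AFTER)):
        print(label, first_denied(PATH, LDAP_UID, process_gids(status)))
```

On a live system the status text would come from the /proc/<pid>/status file of the slapd process and the modes and owners from os.stat() on each path component.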