On 06/25/13 18:04 +0530, Vishesh kumar wrote:
Hi Members,
I am trying to get SASL Proxy Authorization in work. GSSAPI authentication is already in place ++++++++++++
SASL/GSSAPI authentication started SASL username: admin@LINUXMANTRA.LOCAL SASL SSF: 56 SASL data security layer installed. dn:uid=admin,cn=gssapi,cn=auth ++++++++++++++++++++++++++
Do you actually have an entry of uid=admin,cn=gssapi,cn=auth in your tree? If not, it should map to an actual entry (with authz-regexp), if you are using authzTo for proxy auth.
But following command giving error ldapsearch -d 1 -Y GSSAPI -X "uid=vishesh,dc=linuxmantra,dc=local" -b"dc=linuxmantra,dc=local" -s base
Your -X option should be "dn:uid=vishesh,dc=linuxmantra,dc=local". See the manpage for ldapsearch, and chapter 15 of the Admin Guide on the website.
I already mentioned "authzTo: dn:uid=vishesh,dc=linuxmantra,dc=local" for admin DN.