k pur 4krishan@gmail.com writes:
Hi, I am trying to get Pass-Through authentication to work for password verification.
Following the 'Pass-Through authentication' (14.5) in the openldap 2.4 admin guide, I have configured saslauthd and slapd.conf (sasl) and
managed to successfully authenticate with Active Directory (AD) using the 'testsaslauthd' utility.
Setting a user password in my openldap database in the form
dn: uid=user,ou=org,dc=org.com
userPassword: {SASL}joe@ad.example.com
where joe@ad.example.com is the userPrincipalName defined for this
user in AD.
I can't authenticate, when using the ldapsearch command
$ ldapsearch -x -v -D 'uid=joe,ou=people,dc=myorg.com' -W -h ldaphost
Comes up with error (49)
I have enabled --enable-spasswd --with-cyrus-sasl when compiling openldap
Has anybody configured this type of setup successfully?
My question is - how do I configure my openldap server to talk to
You have to configure a sasl related slapd.conf, depending on your OS this file might be either in /usr/lib/sasl2/slapd.conf or /etc/sasl2/slapd.conf.
-Dieter
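
A quick check for the SASL-side slapd.conf the reply refers to, as an added example that is not part of the original thread: it verifies that the file hands password checks to saslauthd. It assumes the Cyrus SASL options pwcheck_method and saslauthd_path; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: validate the Cyrus SASL application config that slapd reads
# when it meets a {SASL} userPassword value. Function names are hypothetical.

# Print the last value set for a "key: value" option, ignoring "#" comments.
sasl_opt() {
    # $1 = config file, $2 = option name
    sed -n "s/^[[:space:]]*$2[[:space:]]*:[[:space:]]*//p" "$1" |
        tail -n 1 | sed 's/[[:space:]]*$//'
}

# Return 0 only if the file tells slapd to verify passwords via saslauthd.
check_sasl_conf() {
    conf=$1
    [ -r "$conf" ] || { echo "FAIL: $conf not readable"; return 1; }

    method=$(sasl_opt "$conf" pwcheck_method)
    if [ "$method" != "saslauthd" ]; then
        echo "FAIL: pwcheck_method is '${method:-unset}', expected saslauthd"
        return 1
    fi

    # The socket must be the one saslauthd listens on, and the account slapd
    # runs as must be able to reach it.
    mux=$(sasl_opt "$conf" saslauthd_path)
    if [ -z "$mux" ]; then
        echo "WARN: saslauthd_path unset; the library default socket is used"
    elif [ ! -S "$mux" ]; then
        echo "WARN: $mux is not a socket; is saslauthd running on this path?"
    fi
    echo "OK: $conf delegates password checks to saslauthd"
    return 0
}

# Check the two locations named in the reply above, first match wins.
find_and_check() {
    for f in /usr/lib/sasl2/slapd.conf /etc/sasl2/slapd.conf; do
        if [ -e "$f" ]; then
            check_sasl_conf "$f"
            return $?
        fi
    done
    echo "FAIL: no SASL slapd.conf found in either location"
    return 1
}
```

Source the file and run find_and_check on the LDAP host as the account slapd runs under, so the readability and socket checks reflect what slapd itself can reach.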