Hello All,
I've installed the cyrus-sasl-md5-2.1.22-5.el5_4.3.x86_64.rpm package.
*Logs:*
/root>pluginviewer
Installed SASL (server side) mechanisms are:
*CRAM-MD5 ANONYMOUS DIGEST-MD5 PLAIN LOGIN EXTERNAL*
......
**
/u01/app/openldap/product/2.4.26/etc/openldap>ldapsearch -x -b "" -s base -LLL supportedSASLMechanisms dn: *supportedSASLMechanisms: CRAM-MD5 supportedSASLMechanisms: DIGEST-MD5**
* and again started with SASL process (tried several times) but everytime... got an error: *Steps i followed:* 1> saslpasswd2 -c sasluser3 2> sasldblistusers2 3> Stop LDAP 4> edit slapd.conf and add following lines: password-hash {CLEARTEXT} sasl-regexp uid=(.*),cn=DIGEST-MD5,cn=auth uid=$1,ou=System,o=xyz 5> Start LDAP 6> Add account from ldif: add_sasl_accnt3.ldif ---------------------------- # TEST Account for SASL: dn: uid=sasluser3,ou=System,o=xyz uid: sasluser3 ou: System description: Special account for SASL Testing userPassword: sasluser3 objectClass: account objectClass: simpleSecurityObject 7> ldapadd -x -D cn=Manager,o=xyz -W -f add_sasl_accnt3.ldif 8> *ldapsearch -Y DIGEST-MD5 -U sasluser3 -b 'o=xyz'* Or *ldapsearch -U sasluser5 -b 'o=xyz'*
But evrytime got error as: SASL/DIGEST-MD5 authentication started Please enter your password: ldap_sasl_interactive_bind_s: Invalid credentials (49) additional info: SASL(-13): user not found: no secret in database
Thks a lot for helping me.
Regards, Gaurav Gugnani
On Thu, Feb 2, 2012 at 11:13 PM, Gaurav Gugnani gugnanigaurav@gmail.comwrote:
Hello,
Thks for helping me out. Yes, the package is missing.
The O/P of plugin viewer: /u01/app/openldap/product/2.4.26/etc/openldap>pluginviewer Installed SASL (server side) mechanisms are: ANONYMOUS PLAIN LOGIN EXTERNAL
And clearly it is not displaying any MD5 SASL mechanism.
Now, i'll try to install package and will try my steps.
Once again thks a lot for helping.
Regards, Gaurav Gugnani
On Thu, Feb 2, 2012 at 9:03 PM, Dan White dwhite@olp.net wrote:
On 02/02/12 16:24 +0530, Gaurav Gugnani wrote:
Hello,
I too suppose that my package is missing for cyrus-sasl DIGEST MD5.
I'm working on linux 86_64 machine and want to implement DIGEST MD5 mechanism.
Following packages are installed: /u01/app/openldap/product/2.4.**26/etc/openldap>rpm -qa | grep cyrus-sasl cyrus-sasl-devel-2.1.22-5.el5_**4.3 cyrus-sasl-plain-2.1.22-5.el5_**4.3 cyrus-sasl-lib-2.1.22-5.el5_4.**3 cyrus-sasl-devel-2.1.22-5.el5_**4.3 cyrus-sasl-lib-2.1.22-5.el5_4.**3 cyrus-sasl-plain-2.1.22-5.el5_**4.3 cyrus-sasl-2.1.22-5.el5_4.3
Use pluginviewer (or possibly saslpluginviewer) to verify that digest-md5 is installed. If not, you'll need to find out which package you need from your distribution's support.
Once installed, and verified using pluginviewer, verify that slapd is offering the mechanism with:
ldapsearch -x -H ldap://ldap.example.net -s "base" "supportedSASLMechanisms"
Please suggest, if package is missing or will the DIGEST MD% mechanism
works with this cyrus-sasl modules.
Thanks for your help.
Regards, Gaurav Gugnani
On Thu, Feb 2, 2012 at 4:03 PM, Raffael Sahli public@raffaelsahli.com* *wrote:
On 02/02/2012 10:40 AM, Gaurav Gugnani wrote:
Hello All,
After some more research into it and reading some more links:
http://www.linuxtopia.org/**online_books/network_** administration_guides/ldap_**administration/sasl_SASL_** Authentication.htmlhttp://www.linuxtopia.org/online_books/network_administration_guides/ldap_administration/sasl_SASL_Authentication.html http://tldp.org/HOWTO/LDAP-**HOWTO/sasl.htmlhttp://tldp.org/HOWTO/LDAP-HOWTO/sasl.html
I did some more steps like- *Step-1:*
In the file slapd.conf i add following lines: password-hash {CLEARTEXT} sasl-regexp uid=(.*),cn=DIGEST-MD5,cn=auth uid=$1,ou=System,o=db
And perform ldapsearch in different way: ldapsearch -Y DIGEST-MD5 -U sasluser2 -b 'o=db'
But again got error as: ldap_sasl_interactive_bind_s: Unknown authentication method (-6) additional info: SASL(-4): no mechanism available: No worthy mechs found
Did you installed the sasl modules? (On debian the package name is libsasl2-modules )
Please help in getting out of this issue.
Thanks and Regards, Gaurav Gugnani
-- Raffael Sahlipublic@raffaelsahli.com
-- Dan White