On Mon, 30 Jan 2012 17:55:38 +0530, Gaurav Gugnani gugnanigaurav@gmail.com wrote:
Hello All,
I'm trying to configure SASL on openldap and did the following steps:
1> Modify the password of the user:
   saslpasswd2 -c -u <realm> <username>
2> Then I modify slapd.conf:
   sasl-regexp uid=(.*),cn=<realm>,cn=DIGEST-MD5,cn=auth uid=$1,ou=System,o=<realm>
3> After this I try to do ldapsearch and it gave me an error:
   ldap_bind: Server is unwilling to perform (53)
   additional info: unauthenticated bind (DN with no password) disallowed
Somewhere I read that we have to provide SASL information in slapd.conf; however, when I write the content mentioned below, ldap doesn't restart.
   dn:uid=<username>,ou=System,o=<realm> bindmethod=sasl saslmech=DIGEST-MD5 credentials=<password> realm=<realm>
Please help in resolving SASL mechanism to be used.
You should not store the user password by means of saslpasswd2. Just create an LDAP entry and add a plaintext password to this entry, preferably by means of ldappasswd(1).
-Dieter