Hi! I am using OpenLDAP 2.4.26 and trying DIGEST-MD5 authentication using "ldapwhoami". I get the error "SASL(-13): user not found: no secret in database". While specifying the user with -U option, bind DN was showing empty in the server's trace. I have tried specifying complete DN with -D option but the result is the same error.
Users were added using the sasldblistusers2 command. sasldblistusers shows the users, though it has appended the hostname where I issued the add command from.
What am I missing? Can someone point me to working instructions, as the documentation for configuring SASL with OpenLDAP seems really sparse?
Thanks
-Rakesh
Hello Rakesh,
There are 2 things:
1> You want to implement MD5 using sasldb or slapd?
2> Please check if the following packages are installed:
- cyrus-sasl-md5-2.1.22-5.el5_4.3.x86_64.rpm
- cyrus-sasl-ldap-2.1.22-5.el5_4.3.x86_64.rpm
*Note:* These packages are for Linux x86_64.
Also, in your upcoming mail, please mention the system info too, as it will be helpful while replying.
Thanks and Regards, Gaurav Gugnani
On Mon, 13 Feb 2012 16:31:02 -0800, Rakesh Aggarwal rakesh.aggarwal@gmail.com wrote:
Hi! I am using OpenLDAP 2.4.26 and trying DIGEST-MD5 authentication using "ldapwhoami". I get the error "SASL(-13): user not found: no secret in database". While specifying the user with -U option, bind DN was showing empty in the server's trace. I have tried specifying complete DN with -D option but the result is the same error.
Users were added using the sasldblistusers2 command. sasldblistusers shows the users, though it has appended the hostname where I issued the add command from.
What am I missing? Can someone point me to working instructions, as the documentation for configuring SASL with OpenLDAP seems really sparse?
Forget sasldb and other sasl tools, just use openldap's own sasl configuration. Create appropriate authz-regexp strings in order to match the users entries, make sure users have an uid attribute and the value of userPassword is plaintext and not hashed.
-Dieter
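A slapd.conf fragment for the setup described in the reply above, added here as an example and not taken from the thread. The suffix dc=example,dc=com, the ou=people container and the user name rakesh are assumptions; adjust them to the real directory tree.

```conf
# Added example, not configuration posted in this thread.
# Assumed layout: user entries live directly under ou=people,dc=example,dc=com
# and each carries a uid attribute plus a plaintext userPassword.

# DIGEST-MD5 needs the clear-text secret to compute its response, so
# passwords set through the Password Modify operation (ldappasswd) must
# not be hashed. Entries loaded with ldapadd must already hold plaintext.
password-hash   {CLEARTEXT}

# "ldapwhoami -Y DIGEST-MD5 -U rakesh" reaches slapd as an authentication DN:
#   uid=rakesh,cn=<realm>,cn=digest-md5,cn=auth   (client sent a realm)
#   uid=rakesh,cn=digest-md5,cn=auth              (no realm)
# Each rule searches one level below ou=people for the entry whose uid
# matches the captured user name and binds as that entry.
authz-regexp
    uid=([^,]*),cn=[^,]*,cn=digest-md5,cn=auth
    ldap:///ou=people,dc=example,dc=com??one?(uid=$1)
authz-regexp
    uid=([^,]*),cn=digest-md5,cn=auth
    ldap:///ou=people,dc=example,dc=com??one?(uid=$1)

# Plaintext secrets make the ACL on userPassword critical: usable for
# authentication, writable by the owner, unreadable by everyone else.
access to attrs=userPassword
    by self write
    by anonymous auth
    by * none
```

When the mapping matches, ldapwhoami reports the user's entry under ou=people instead of a DN ending in cn=auth. Because the directory now holds recoverable passwords, the database files, backups and replication links need the same protection as the secrets themselves.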
openldap-technical@openldap.org