Hello list, this is my first time trying to set up SASL, I'm probably doing something wrong. Anyhow: - I'm on OpenSolaris snv_127 - using SUNWopenldap from IPS (which links with bdb 4.7.25) I got strange slapd (and slapcat) hangs (probably in bdb). This forced me to set it all up from source. - I've compiled latest bdb 4.8 from source - I've compiled latest OpenLDAP 2.4.21 from source with this configure args: $ cat myconfigure export CFLAGS="-I/usr/local/BerkeleyDB.4.8/include" \ CPPFLAGS="-I/usr/local/BerkeleyDB.4.8/include" \ LDFLAGS="-L/usr/local/BerkeleyDB.4.8/lib \ -R/usr/local/BerkeleyDB.4.8/lib" ./configure -C \ --prefix=/usr/local/openldap \ --enable-spasswd \ --with-cyrus-sasl \ --enable-syslog - I've got my slapd.conf [1] in place and initialized my directory - simple bind always works - I want SASL with DIGEST-MD5 auth. - when starting slapd with -d XXX (-d 256) SASL auth. works !! $ ldapsearch -v -h localhost -p 10389 -LLL -U ldapadmin -D "cn=ldapadmin,ou=Users,dc=hh,dc=supported,dc=de" -b "ou=Users,dc=hh,dc=supported,dc=de" -s sub "cn=ldapadmin" '*' ldap_initialize( ldap://localhost:10389 ) SASL/DIGEST-MD5 authentication started Please enter your password: SASL username: ldapadmin SASL SSF: 128 SASL installing layers filter: cn=ldapadmin requesting: * dn: cn=ldapadmin,ou=Users,dc=hh,dc=supported,dc=de cn: ldapadmin gidNumber: 5000 objectClass: inetOrgPerson objectClass: organizationalPerson objectClass: posixAccount objectClass: person objectClass: top sn: Admin uid: ldapadmin uidNumber: 5000 homeDirectory: /tmp userPassword:: ******** - when starting slapd without -d I get: $ ldapsearch -v -h localhost -LLL -U ldapadmin -D "cn=ldapadmin,ou=Users,dc=hh,dc=supported,dc=de" -b "ou=Users,dc=hh,dc=supported,dc=de" -s sub "cn=ldapadmin" ldap_initialize( ldap://localhost:10389 ) SASL/DIGEST-MD5 authentication started Please enter your password: ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80) additional info: SASL(-1): generic failure: There's an additional problem in that slapd is not logging to syslogd. Cf. below I configured "loglevel 8191", my syslog.conf contains: local4.debug /var/log/openldap.log Upon slapd startup I get two entries in the log, but nothing else, no debugging: Mar 4 12:48:10 os slapd[8083]: [ID 702911 local4.debug] @(#) $OpenLDAP: slapd 2.4.21 (Mar 4 2010 12:12:43) $ Mar 4 12:48:10 os ralph@os:/export/home/ralph/openldap-2.4.21/servers/slapd Can anybody point me in the right direction? Thanks! Cheers, Ralph [1] slapd.conf: include /usr/local/openldap/etc/openldap/schema/core.schema include /usr/local/openldap/etc/openldap/schema/cosine.schema include /usr/local/openldap/etc/openldap/schema/nis.schema include /usr/local/openldap/etc/openldap/schema/inetorgperson.schema pidfile /var/run/slapd.pid argsfile /var/run/slapd.args loglevel 8191 moduleload back_hdb.la ############## # I've added these in sick attempts security ssf=0 sasl=0 sasl-secprops none ############ authz-regexp uid=(.*),cn=DIGEST-MD5,cn=auth cn=$1,ou=Users,dc=hh,dc=supported,dc=de access to dn.base="" by * read access to dn.base="cn=Subschema" by * read access to attrs=userPassword,shadowLastChange by dn="cn=ldapadmin,ou=Users,dc=hh,dc=supported,dc=de" write by anonymous auth by self write by * none access to * by dn="cn=ldapadmin,ou=Users,dc=hh,dc=supported,dc=de" write by self write by users read by anonymous auth rootdn "cn=root,ou=Users,dc=hh,dc=supported,dc=de" rootpw ****** database hdb suffix "dc=hh,dc=supported,dc=de" directory /var/openldap index objectClass eq