devel - Fashion Content wrote:
I have the mailserver and the directory on the same server.
I have installed OpenLDAP client & libs and cyrus sasl.
Fedora DS ldapsearch is not on the path.
The Fedora DS now stores userPasswords as plaintext.
saslauthd run with: MECH=ldap, FLAGS=-c
saslauthd.conf:
ldap_servers: ldap://127.0.0.1
ldap_search_base: ou=People,dc=fashioncontent,dc=com
ldap_bind_dn: cn=Directory Manager,dc=fashioncontent,dc=com
ldap_bind_pw: secret
ldap_filter: (&(objectClass=inetorgperson)(uid=%u))
ldap_use_sasl: no
ldap_auth_method: bind
ldap_version: 3
ldap_debug: 3
ldap_verbose: on
log_level: 255
OpenLDAP ldapsearch: Shows userPassword results hashed, but otherwise
shows the users I look up
OpenLDAP ldapsearch userPassword=secret: Success
Fedora ldapsearch: Fails to find anything
testsaslauthd -u devel -p secret: Fails to find anything, error code
32 I think

It would be helpful if you could post the exact ldapsearch command line
that you used both for openldap and for fedora ds, along with the exact
output, or an excerpt of a few lines at least.

I haven't figured out how to make saslauthd report the ldap queries,
so I know very little of what happens and the Fedora logs
don't appear to help much more.

The fedora ds access log will show the tcp socket
connection/disconnection and peer IP address, the BIND request and
result, and the SRCH request and result. If you need help interpreting
the log output, please post an excerpt to this list.

Henrik
--
Fedora-directory-users mailing list
Fedora-directory-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
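
Added example (not part of the thread, and not Fedora DS or saslauthd code): a small Python parser for the access-log lines the reply describes, pairing each BIND and SRCH request with its RESULT and listing the ones that failed. The log lines, DNs and addresses are constructed sample data in the Fedora DS access-log layout; the function names are hypothetical.

```python
import re

# Constructed sample in the Fedora DS access-log layout; not taken from the thread.
SAMPLE_LOG = """\
[01/Jan/2006:10:00:00 +0000] conn=7 fd=64 slot=64 connection from 127.0.0.1 to 127.0.0.1
[01/Jan/2006:10:00:00 +0000] conn=7 op=0 BIND dn="cn=Directory Manager" method=128 version=3
[01/Jan/2006:10:00:00 +0000] conn=7 op=0 RESULT err=0 tag=97 nentries=0 etime=0
[01/Jan/2006:10:00:00 +0000] conn=7 op=1 SRCH base="ou=People,dc=example,dc=com" scope=2 filter="(uid=devel)" attrs=ALL
[01/Jan/2006:10:00:00 +0000] conn=7 op=1 RESULT err=0 tag=101 nentries=1 etime=0
[01/Jan/2006:10:00:05 +0000] conn=8 fd=65 slot=65 connection from 127.0.0.1 to 127.0.0.1
[01/Jan/2006:10:00:05 +0000] conn=8 op=0 SRCH base="ou=Staff,dc=example,dc=com" scope=2 filter="(uid=devel)" attrs=ALL
[01/Jan/2006:10:00:05 +0000] conn=8 op=0 RESULT err=32 tag=101 nentries=0 etime=0
[01/Jan/2006:10:00:09 +0000] conn=9 fd=66 slot=66 connection from 127.0.0.1 to 127.0.0.1
[01/Jan/2006:10:00:09 +0000] conn=9 op=0 BIND dn="uid=devel,ou=People,dc=example,dc=com" method=128 version=3
[01/Jan/2006:10:00:09 +0000] conn=9 op=0 RESULT err=49 tag=97 nentries=0 etime=0
"""

LINE = re.compile(r"^\[(?P<ts>[^\]]+)\] conn=(?P<conn>\d+) (?:op=(?P<op>-?\d+) )?(?P<rest>.*)$")
KV = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S+)')  # key=value, value optionally quoted
ERR_NAMES = {0: "success", 32: "noSuchObject", 49: "invalidCredentials"}  # LDAP result codes

def parse_access_log(text):
    """Pair each BIND/SRCH request with its RESULT, keyed by (conn, op)."""
    peers, ops = {}, {}
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        conn, rest = int(m["conn"]), m["rest"]
        if m["op"] is None:  # connection line: remember the peer address
            peer = re.search(r"connection from (\S+) to", rest)
            if peer:
                peers[conn] = peer.group(1)
            continue
        kind, _, args = rest.partition(" ")
        fields = {k: v.strip('"') for k, v in KV.findall(args)}
        key = (conn, int(m["op"]))
        if kind in ("BIND", "SRCH"):
            ops[key] = {"conn": conn, "peer": peers.get(conn), "kind": kind, **fields}
        elif kind == "RESULT" and key in ops:
            ops[key].update(err=int(fields["err"]), nentries=int(fields.get("nentries", 0)))
    return list(ops.values())

def failures(ops):
    """BIND/SRCH operations whose RESULT was not success (err != 0)."""
    return [(o["conn"], o["kind"], o.get("dn") or o.get("base"), ERR_NAMES.get(o["err"], str(o["err"])))
            for o in ops if o.get("err", 0) != 0]
```

Feeding it the access-log lines written during a testsaslauthd attempt shows which request failed and with which bind DN or search base, which is the detail saslauthd itself does not report.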