Re: cyrus-sasl w/ldap map problem

From: Chris Paul (postfixersentinare.net)
Date: Wed May 04 2005 - 01:23:14 CDT


On or about Tue, 3 May 2005 23:39:36 +0200
Andreas Winkelmann <mlawinkelmann.de> wrote:

> Well, this is the version of your OS. But which Version has Cyrus-SASL and
> Postfix?

What works for me today:

-OpenBSD 3.5
-cyrus-sasl-2.1.13 (Makefile self-modified to include ldap libs)
-postfix-2.0.18-20040209.tls0.8.18-sasl2-ldap-tls

What does not work for me today:

-OpenBSD 3.7
-cyrus-sasl-2.1.20p3-ldap
-postfix-2.2.0-sasl2-ldap

> > - SASL works:
> >
> > testsaslauthd -u <user> -p <password> -f /var/spool/postfix/var/sasl2/mux
> > 0: OK "Success."
>
> Does the <user> contain an "@" ?

Yup. This used to work... It works when I use testsaslauthd:

[rootdonot]# testsaslauthd -u testteamrci.com -p pass -f /var/spool/postfix/var/sasl2/mux

saslauthd[2373] :do_auth : auth success: [user=testteamrci.com] [service=imap] [realm=] [mech=ldap]
saslauthd[2373] :do_request : response: OK
saslauthd[19617] :get_accept_lock : acquired accept lock
saslauthd[22996] :rel_accept_lock : released accept lock
saslauthd[22996] :do_auth : auth failure: [user=test] [service=smtp] [realm=teamrci.com] [mech=ldap] [reason=Unknown]
saslauthd[22996] :do_request : response: NO
^Csaslauthd[19617] :server_exit : child exited: 19617

HMM! Looks like something happens to the "@" in postfix. Weird. So I change my Thunderbird settings username to testteamrci.comteamrci.com and I get this:

saslauthd[31546] :rel_accept_lock : released accept lock
saslauthd[31546] :do_auth : auth failure: [user=testteamrci.com] [service=smtp] [realm=teamrci.com] [mech=ldap] [reason=Unknown]
saslauthd[31546] :do_request : response: NO

> > - But Postfix isn't happy with it, though mux in the postfix chroot:
> > /var/spool/postfix/var/sasl2/mux (this is the right place from before):
>
> Show "postconf -n", please.

I'll be posting a saslfinger in a sec which includes this.

CP
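
The saslauthd excerpts quoted in this message differ in how the login is divided between the user and realm fields. As an added example (not code from the thread, Cyrus SASL or Postfix), this Python script parses do_auth lines in the format shown above and reports logins that succeeded under one user/realm split and failed under another; the function names and the example.com sample lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Matches saslauthd debug lines of the form quoted in the message above.
DO_AUTH = re.compile(
    r"do_auth\s*:\s*auth (?P<result>success|failure): "
    r"\[user=(?P<user>[^\]]*)\] \[service=(?P<service>[^\]]*)\] "
    r"\[realm=(?P<realm>[^\]]*)\] \[mech=(?P<mech>[^\]]*)\]"
)

def parse_do_auth(line):
    """Return a dict for a do_auth line, or None for any other line."""
    m = DO_AUTH.search(line)
    if not m:
        return None
    rec = m.groupdict()
    # Rebuild the login as the client likely typed it: user, plus @realm if one was split off.
    rec["login"] = rec["user"] + ("@" + rec["realm"] if rec["realm"] else "")
    return rec

def split_mismatches(lines):
    """Logins that succeeded with one (user, realm) split and failed with another."""
    seen = defaultdict(lambda: {"success": set(), "failure": set()})
    for line in lines:
        rec = parse_do_auth(line)
        if rec:
            seen[rec["login"]][rec["result"]].add((rec["user"], rec["realm"], rec["service"]))
    report = {}
    for login, r in seen.items():
        ok_splits = {(u, realm) for u, realm, _ in r["success"]}
        bad = sorted(t for t in r["failure"] if (t[0], t[1]) not in ok_splits)
        if ok_splits and bad:
            report[login] = {"success": sorted(r["success"]), "failure": bad}
    return report

# Constructed sample lines (example.com is a placeholder, not taken from the thread).
SAMPLE = [
    "saslauthd[100] :do_auth : auth success: [user=test@example.com] [service=imap] [realm=] [mech=ldap]",
    "saslauthd[100] :do_request : response: OK",
    "saslauthd[101] :do_auth : auth failure: [user=test] [service=smtp] [realm=example.com] [mech=ldap] [reason=Unknown]",
    "saslauthd[102] :do_auth : auth failure: [user=other] [service=smtp] [realm=example.com] [mech=ldap] [reason=Unknown]",
]

if __name__ == "__main__":
    for login, r in split_mismatches(SAMPLE).items():
        print(login, "ok as", r["success"], "but failed as", r["failure"])
```

A login that appears in the report reached the LDAP backend in two different shapes, so the lookup filter only matched one of them.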