SASL-LDAP problems, i need a guru

Discuss Applications
Post Reply
X11
guru
guru
Posts: 676
Joined: Sun Jan 19, 2003 11:09 pm
Location: Australia
Contact:

SASL-LDAP problems, i need a guru

Post by X11 »

I have been having a problem with a SASL/LDAP configuration for Dovecot. The place I am working at uses SASL. There are over 50 accounts on this network which somehow exist from the "Windows XP Account Manager for Domains" which is some Microsoft Tool which cannot see the groups according to Samba anymore - another bug which I need to fix.

Basically everything appears to be using SASL to authenticate and nothing has been migrated to SASL2. However SASL's tools are really informative like this...

Code: Select all

[root@pusa3 ~]# sasl2passwd
-bash: sasl2passwd: command not found
[root@pusa3 ~]# sasldblistusers
user: john.tate realm: pusa3.yunyangtemple.org.au mech: PLAIN
user: john.tate realm: pusa3.yunyangtemple.org.au mech: CRAM-MD5
user: john.tate realm: pusa3.yunyangtemple.org.au mech: DIGEST-MD5
[root@pusa3 ~]# sasldblistusers2
listusers failed
SASL and LDAP are really new to me however the SGI SASL implementation appears to be being used. I cannot change this on a whim until a meeting is arranged, etc, where I have a chance to mention all of this.

If anyone knows more about this so I can dig into it archimedies style and work out where the authentication issues lie (experienced by Dovecot, which kindly tells me it uses the getpwnam(3) interface or "something similar").

There are no users in /etc/passwd, they exist in the ldap database however the authentication is done some other way and I do not understand it. I assume and point all blame at SASL because its all I am aware of that I don't know about.

Some tips on digging into this problem archimedes style would be helpful.

John.

X11
guru
guru
Posts: 676
Joined: Sun Jan 19, 2003 11:09 pm
Location: Australia
Contact:

Post by X11 »

Nevermind I'm a moron who used BSD way too f**g long and just realised everything is done through PAM on Fedora.

Edit: don't ever do drugs. Very bad for you.
Last edited by X11 on Tue Jun 12, 2007 8:45 pm, edited 1 time in total.

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main »

Well now, PAM I can help you with. :) I've been up to my ears in PAM + Radius + TACACS + RSA SecurID + AD the last couple of months on Linux, AIX and Solaris.

Post Reply