I'm trying to get saslauthd working with openldap.
ldapsearch and every service connected to openldap works fine. sasldblistusers2 doesn't work - and ldapwhoami does not work either.
getent passwd works fine too.
sasldblistusers2 produces this log entry:
Sep 30 03:48:01 sogo sasldblistusers2: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: ldapdb
Sep 30 03:48:01 sogo sasldblistusers2: canonuserfunc error -7
Sep 30 03:48:01 sogo sasldblistusers2: _sasl_plugin_load failed on sasl_canonuser_init for plugin: ldapdb
Sep 30 03:48:01 sogo sasldblistusers2: DIGEST-MD5 common mech free
ldapwhoami result:
root@sogo:/root# ldapwhoami
SASL/DIGEST-MD5 authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Invalid credentials (49)
additional info: SASL(-13): user not found: no secret in database
My /etc/saslauthd.conf:
ldap_servers: ldap://localhost
ldap_version: 3
ldap_auth_method: bind
ldap_search_base: dc=MY,dc=DOMAIN
ldap_scope: sub
ldap_bind_dn: cn=admin,dc=MY,dc=DOMAIN
ldap_bind_pw: LDAPPASS
ldap_filter: <uid=%u>
auxprop_plugin: ldapdb
/etc/default/saslauthd:
START=yes
DESC="SASL Authentication Daemon"
NAME="saslauthd"
MECHANISMS="ldap"
MECH_OPTIONS=""
THREADS=5
OPTIONS="-c -m /var/run/saslauthd"
I can't see the error. Please help.
A similar error can also happen on RHEL7/8 if the ldapdb backend is not used but is installed. (Don't mix this topic.)
If you are using ldap with saslauthd, you should remove cyrus-sasl-ldap - then the error will be fixed, too.
Your saslauthd.conf config file should be included in saslauthd:
MECH_OPTIONS="/etc/saslauthd.conf"
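
A way to check for the misconfiguration the answer describes, as an added example that is not part of the original thread: a POSIX shell lint for a Debian-style /etc/default/saslauthd. The function names, the constructed sample files and the world-readable check on a file holding ldap_bind_pw are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original thread): lint a Debian-style
# /etc/default/saslauthd for the problem the answer describes.

# Print the value of KEY="value" from a defaults file without sourcing it.
get_default() {  # $1 = file, $2 = key
    sed -n "s/^[[:space:]]*$2=\"\{0,1\}\([^\"]*\)\"\{0,1\}[[:space:]]*\$/\1/p" "$1" | tail -n 1
}

# Return 0 when the ldap mechanism has a usable config file, 1 otherwise.
check_saslauthd() {  # $1 = defaults file
    mech=$(get_default "$1" MECHANISMS)
    conf=$(get_default "$1" MECH_OPTIONS)
    case " $mech " in
        *" ldap "*) ;;
        *) echo "INFO: ldap is not in MECHANISMS, nothing to check"; return 0 ;;
    esac
    if [ -z "$conf" ]; then
        echo "FAIL: MECHANISMS includes ldap but MECH_OPTIONS is empty"
        return 1
    fi
    if [ ! -r "$conf" ]; then
        echo "FAIL: MECH_OPTIONS points to '$conf', which is missing or unreadable"
        return 1
    fi
    # Assumption of this example: a file holding ldap_bind_pw should not be world-readable.
    if grep -Eq '^[[:space:]]*ldap_bind_pw:' "$conf" && [ -n "$(find -L "$conf" -perm -004)" ]; then
        echo "FAIL: $conf holds ldap_bind_pw and is world-readable"
        return 1
    fi
    echo "OK: ldap mechanism reads $conf"
}

# Constructed sample files mirroring the thread: the question's defaults, then the fix.
demo_dir=$(mktemp -d)
printf 'ldap_servers: ldap://localhost\nldap_bind_pw: LDAPPASS\n' > "$demo_dir/saslauthd.conf"
chmod 600 "$demo_dir/saslauthd.conf"
printf 'MECHANISMS="ldap"\nMECH_OPTIONS=""\n' > "$demo_dir/before"
printf 'MECHANISMS="ldap"\nMECH_OPTIONS="%s"\n' "$demo_dir/saslauthd.conf" > "$demo_dir/after"
check_saslauthd "$demo_dir/before" || true   # FAIL: MECH_OPTIONS is empty
check_saslauthd "$demo_dir/after"            # OK
```

On a real host, call `check_saslauthd /etc/default/saslauthd` before restarting the daemon.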