[Fedora-directory-users] SASL Mappings
Rob See
rob at rsee.net
Wed May 17 20:13:50 UTC 2006
Hi,
I'm working on getting SASL up and running with FDS 1.0.2 and have
run into some problems. It seems that the SASL Mappings are being
completely ignored.
Here is my setup:
Kerberos domain of SUB.BLAH.EDU
Ldap entry for uid=rob,ou=People,dc=sub,dc=blah,dc=edu
This is the map entry (the only map entry that I have):
# map1, mapping, sasl, config
dn: cn=map1,cn=mapping,cn=sasl,cn=config
objectClass: top
objectClass: nsSaslMapping
cn: map1
nsSaslMapRegexString: (.*)/admin at .*
nsSaslMapBaseDNTemplate: uid=\1,ou=People,dc=sub,dc=blah,dc=edu
nsSaslMapFilterTemplate: (objectclass=*)
I've restarted the service which doesn't seem to fix it.
When I kinit with rob/admin, running ldapsearch -Y GSSAPI gets the
following error:
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Invalid credentials (49)
additional info: SASL(-14): authorization failure:
when I kinit with rob, it works without a problem
Does anyone have any suggestions, or have I run into a bug of some sort ?
Also is there any way to turn up the log level to get more info ?
Thanks,
-Rob
More information about the 389-users
mailing list