尝试使用 SASL AND LDAP 在 RedHat Linux 中验证用户.到目前为止,我已经设置了 saslauthd 服务并启动并运行了它.我的 /etc/saslauthd.conf 如下所示:
Trying to use SASL AND LDAP to authenticate user in RedHat Linux. So far I've setup the saslauthd service and its up and running. My /etc/saslauthd.conf looks like follows:
ldap_servers: ldaps://test.ldap.server:1234 ldap_use_sasl: yes ldap_mech: DIGEST-MD5 ldap_auth_method: fastbind ldap_search_base: Ou=PeopleAuthSrch,DC=abc,DC=com我的 /etc/sasl2/smtpd.conf 如下所示:
pwcheck_method: saslauthd mech_list: plain login现在,当我尝试使用以下命令测试身份验证时:
Now when I try to test the authentication with following command:
testsaslauthd -u 用户名 -p 密码 -f/var/run/saslauthd/mux
我得到 0: NO "authentication failed"
当我查看日志时,它说:
and when i look at the logs it says:
Retrying authentication do_auth :auth failure: [user:myuser] [service=imap] [realm=] [mech=ldap] [reason=unknown]我在这里缺少什么?提前谢谢!!
What am i missing here? thanks in advance!!
更新:
安装 OpenLdap 以使用以下命令进行搜索:
installed OpenLdap to do a search with the following command:
ldapsearch -x -h ldaps://my.ldap.server:port -d8
ldapsearch -x -h ldaps://my.ldap.server:port -d8
为了使 ldapsearch 命令正常工作,我修改了 /etc/openldap/ldap.conf 文件如下:
for ldapsearch command to work i modified /etc/openldap/ldap.conf file as follows:
tls_reqcert allow TLS_CACERTDIR /home/myuser/cacertss LDAPTLS_CACERT /home/myuser/cacertss它返回所有条目,但我仍然无法使用身份验证
It returns all the entries but i still cant authenticate using
testsaslauthd -u 用户名 -p 密码 -f/var/run/saslauthd/mux
testsaslauthd -u username -p password -f /var/run/saslauthd/mux
我需要在这里做什么才能通过身份验证?
推荐答案经过 5 天的奋斗发现我使用的设置是针对 Active Directory 我应该使用 的设置LDAP如下:
After 5 days of struggle found out that the settings i used was for Active directory where i should be using settings for LDAP as following:
ldap_servers: ldaps://test.ldap.server:1234 ldap_search_base: Ou=PeopleAuthSrch,DC=abc,DC=com ldap_filters: (uid=%u) ldap_tls_cacert_file: /path/to/my/certificate正如 Bertold Kolics 所说,我确实安装了 cyrus-sasl-md5,我不确定这是否在验证用户方面发挥了作用.
I did install cyrus-sasl-md5 as Bertold Kolics mentioned, i'm not sure if that played the part on authenticating the user.
更多推荐
SASL LDAP 身份验证失败
发布评论