From: "Scot W. Hetzel"
To: "Robin P. Blanchard"
Subject: Re: cyrus / sasl / ldap woes
Date: Mon, 19 Aug 2002 12:51:15 -0500

From: "Robin P. Blanchard"
> freshly installed -STABLE with freshly installed ports:
>
> cyrus-imapd-2.0.16_3
> cyrus-sasl-1.5.27_6
> db3-3.2.9_3,1
> makedepend-2000.12.28
> openldap-2.0.25
>
> This test box has the same config as the following, working (production)
> box; but imapd doesn't talk to LDAP (tcpdump verifies this), it just
> checks the sasldb file and gives up.
>
> now, our production mail server is 4.6-STABLE (Sun Jun 16 23:39:27 EDT
> 2002) with the following ports:
>
> cyrus-imapd-2.0.16_2
> cyrus-sasl-1.5.27_1
> db3-3.2.9_3,1
> makedepend-2000.12.28
> openldap-2.0.21
>
> is still chugging along just great, authenticating against LDAP.
>
> anyone else using the combo of ports? any success with the current revs?
>
> ideas?
>

Does OpenLDAP 2.0.25 have SASL compiled into it, as there is a known problem
with OpenLDAP v2 when it has SASL linked with it (i.e. SASL -> LDAP -> SASL ->
LDAP ..... loop).

0 - Update to 1.5.27 (sasl-1.5.27-ldap-ssl-filter-mysql-patch3)
1 - Fix OpenLDAP v1, PAM pwcheck daemon, JavaSASL (sasl-1.5.27-ldap-ssl-filter-mysql-patch3)
2 - KRB5 Fix
3 - Update to sasl-1.5.27-ldap-ssl-filter-mysql-patch4
4 - Update to fixed sasl-1.5.27-ldap-ssl-filter-mysql-patch4
5 - Move include files to sasl1
6 - Enable saslauthd, and make it default pwcheck method

Try changing the port's Makefile to use *patch3 instead of *patch4, then run a
make makesum, and make build/install. Then test if you can use LDAP.

Let me know the results.

Another option you have is to switch to using saslauthd (w -a pam), then
configuring PAM for LDAP lookups (pop3, imap, ..).

Scot
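
Added example, not part of the original message or of either port: a small shell check for the SASL -> LDAP -> SASL linkage the reply asks about, driven by `ldd` output. The sample `ldd` text is constructed, and the library paths and the assumption that an LDAP-patched libsasl links libldap dynamically are illustrative only.

```shell
#!/bin/sh
# Constructed sample `ldd` output (not captured from a real host).
SAMPLE_LDD_LDAP='/usr/local/lib/libldap.so.2:
    liblber.so.2 => /usr/local/lib/liblber.so.2 (0x2815c000)
    libsasl.so.8 => /usr/local/lib/libsasl.so.8 (0x28167000)
    libc.so.4 => /usr/lib/libc.so.4 (0x28178000)'
SAMPLE_LDD_SASL='/usr/local/lib/libsasl.so.8:
    libldap.so.2 => /usr/local/lib/libldap.so.2 (0x28170000)
    libcrypt.so.2 => /usr/lib/libcrypt.so.2 (0x281a0000)'

# Print the library names (the field left of "=>") from ldd output on stdin.
deps() { awk '$2 == "=>" { print $1 }'; }

# links_to NAME: succeed if the ldd output on stdin lists libNAME.so*.
links_to() { deps | grep -q "^lib$1\.so"; }

# check_loop LDD_OF_LIBLDAP LDD_OF_LIBSASL: print one of
#   loop-risk | ldap-uses-sasl | sasl-uses-ldap | independent
check_loop() {
    ldap_sasl=no
    sasl_ldap=no
    if printf '%s\n' "$1" | links_to sasl; then ldap_sasl=yes; fi
    if printf '%s\n' "$2" | links_to ldap; then sasl_ldap=yes; fi
    case "$ldap_sasl/$sasl_ldap" in
        yes/yes) echo loop-risk ;;       # each library pulls in the other
        yes/no)  echo ldap-uses-sasl ;;  # OpenLDAP built with SASL
        no/yes)  echo sasl-uses-ldap ;;  # SASL built with the LDAP patch
        *)       echo independent ;;
    esac
}

# On a real host (paths are assumptions, adjust to the installed versions):
#   check_loop "$(ldd /usr/local/lib/libldap.so.2)" \
#              "$(ldd /usr/local/lib/libsasl.so.8)"
check_loop "$SAMPLE_LDD_LDAP" "$SAMPLE_LDD_SASL"
```

A result of `sasl-uses-ldap` means OpenLDAP was built without SASL, so the circular dependency described in the reply is not present.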