I'm trying to authorize a user of an Active Directory on Red Hat Linux 6.5. To do that I am using saslauthd. This is its configuration:

/etc/saslauthd.conf:

```
ldap_servers: ldap://activeDirectoryHost.us-west-2.compute.amazonaws.com
ldap_use_sasl: yes
ldap_mech: DIGEST-MD5
ldap_auth_method: fastbind
```

/etc/sysconfig/saslauthd:

```
SOCKETDIR=/var/run/saslauthd
MECH=ldap
DAEMONOPTS=--user saslauth
FLAGS="-O /etc/saslauthd.conf"
```

The Active Directory works fine because, when I run a search on it, I get the right answer. To do a search I use the ldapsearch command from the Red Hat terminal:

```
ldapsearch -LLL -H ldap://activeDirectoryHost.us-west-2.compute.amazonaws.com -x -D 'testUser@ACTIVEDIRECTORY_TEST.es' -w 'psswd12345' -b 'OU=Domain Controllers,DC=ACTIVEDIRECTORY_TEST,DC=es'
```

The problem is with saslauthd. I run the test with the following command:

```
testsaslauthd -u 'testUser@ACTIVEDIRECTORY_TEST.es' -p 'psswd12345' -f /var/run/saslauthd/mux
```

And I always get the same error:

```
0: NO "authentication failed"
```

The log files do not give me more information:

```
saslauthd[1690]: Retrying authentication
saslauthd[1690]: do_auth: auth failure: [user=testCorreos2] [service=imap] [realm=] [mech=ldap] [reason=Unknown]
```

Does anyone have any idea what the solution could be?

Adrian
  • Can you run saslauthd with debug mode `-d`? See [man saslauthd](http://www.linuxcommand.org/man_pages/saslauthd8.html) – masegaloeh Mar 16 '15 at 08:01

1 Answer

I solved the problem. The error was that I was trying to connect to the Active Directory without configuring a user who has permissions over the LDAP tree.

The solution is:

1- Create a user with root role in the Active Directory

2- Configure saslauthd to log in to the Active Directory with this user

```
ldap_servers: ldap://activeDirectoryHost.us-west-2.compute.amazonaws.com
ldap_mech: PLAIN
ldap_filter: cn=%u,CN=Users,DC=ACTIVEDIRECTORY_TEST,DC=es
ldap_search_base: CN=Users,DC=ACTIVEDIRECTORY_TEST,DC=es
ldap_filter: (cn=%u)
ldap_bind_dn: CN=ldapAdmin,CN=Users,DC=ACTIVEDIRECTORY_TEST,DC=es
ldap_password: 12345pwdss
```

Adrian
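
A defensive check for the kind of `/etc/saslauthd.conf` shown in this answer, as an added example that is not part of the original post: it flags an unencrypted `ldap://` transport carrying a bind password, repeated keys such as the two `ldap_filter` lines, an unverified TLS peer, and group/other access to a file that stores `ldap_password`. The function name and finding labels are made up for this example; `ldap_start_tls` and `ldap_tls_check_peer` are options from saslauthd's LDAP_SASLAUTHD documentation.

```shell
#!/bin/sh
# Added example: audit a saslauthd LDAP config (key: value lines).
# Prints one finding per line; returns 0 when clean, 1 when anything is flagged.
audit_saslauthd_conf() {
    conf=$1
    findings=$(
        awk '
            /^[ \t]*(#|$)/ { next }               # skip comments and blank lines
            {
                i = index($0, ":"); if (i == 0) next
                key = substr($0, 1, i - 1); val = substr($0, i + 1)
                gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
                # A repeated key leaves it unclear which value is meant.
                if (key in seen) print "DUPLICATE_KEY " key
                seen[key] = 1; v[key] = val
            }
            END {
                tls = (tolower(v["ldap_start_tls"]) == "yes")
                # ldap:// without StartTLS is an unencrypted channel.
                if (v["ldap_servers"] ~ /(^|[ \t])ldap:\/\// && !tls) {
                    print "PLAINTEXT_LDAP ldap:// without ldap_start_tls"
                    if ("ldap_password" in seen) print "BIND_PASSWORD_OVER_PLAINTEXT"
                }
                # With TLS in use, the server certificate should be verified.
                if ((tls || v["ldap_servers"] ~ /ldaps:\/\//) &&
                    tolower(v["ldap_tls_check_peer"]) != "yes")
                    print "TLS_PEER_NOT_VERIFIED ldap_tls_check_peer is not yes"
            }' "$conf"
        # A file holding ldap_password should not be accessible to group or others.
        if grep -q '^[[:space:]]*ldap_password[[:space:]]*:' "$conf" &&
           [ "$(ls -ld "$conf" | cut -c5-10)" != "------" ]; then
            echo "SECRET_FILE_MODE group/other permissions on file with ldap_password"
        fi
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}
```

Run it as `audit_saslauthd_conf /etc/saslauthd.conf` after sourcing the function; an empty result with exit status 0 means none of these checks fired.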