I cannot get saslauthd to work with Active Directory. Here is /etc/saslauthd.conf:

ldap_use_sasl: yes
ldap_servers: ldap://ad.example.com
ldap_search_base: OU=Users,DC=example,DC=com
ldap_bind_dn: CN=openldap,OU=Users,DC=example,DC=com
ldap_bind_pw: secret
ldap_filter: (sAMAccountName=%u)

After I start saslauthd, I execute:

testsaslauthd -u myuser -p mypass

This gives me 0: NO "authentication failed". I thought maybe the problem is with connection to ldap, so I did an ldap search:

 ldapsearch -h 172.16.0.4 -x -W -D "cn=openldap,ou=Users,dc=example,dc=com" -b "ou=Users,dc=example,dc=com" "(sAMAccountName=myuser)"

Entered password for the bind user and it gave me the information. For some reason SASL doesn't authenticate with LDAP.

What is the reason behind it? What other things can I check?

Gasim

1 Answer

What CentOS version are you using? In 7.1, there is a bug that prevents authentication against AD servers, but it is fixed and should land in updates in some weeks.

Jakuje
  • I switched from Cyrus to Dovecot and Simple Authentication (no SASL) also doesn't work. The bug is specific to Cyrus yet it still doesn't work – Gasim Nov 19 '15 at 22:33