Help me get saslauthd working against Active Directory

LozLoz Current User Role Participant
I've configured saslauthd but I cannot get it to work. When I test with /usr/sbin/testsaslauthd I always get
/usr/sbin/testsaslauthd -u cgm-datamongodb -p <REDACTED> -f /run/saslauthd/mux
The Active Directory admins tell me they don't see the connection on the server.
My saslauthd.conf looks like:
ldap_servers: ldap://wlondcp19249.pc.internal.macquarie.com
ldap_mech: PLAIN
ldap_search_base: DC=pc,DC=internal,DC=macquarie,DC=com
ldap_filter: (sAMAccountName=%u)
ldap_bind_dn: CN=cgm-datamongodb,OU=Non Interactive Admins,OU=Accounts,OU=ITS
ldap_password: <REDACTED>
ldap_referrals: yes
netstat shows the connection is active
[[email protected] openldap]$ netstat -a | grep wlondcp19249
tcp        0      0 ip-10-166-152-87.:37212 wlondcp19249.pc.in:ldap ESTABLISHED
tcp        0      0 ip-10-166-152-87.:37214 wlondcp19249.pc.in:ldap ESTABLISHED
This works and shows that the connection from the server is ok
ldapsearch -H ldaps://wlondcp19249.pc.internal.macquarie.com  -b "CN=ACG-COG-Tech-AWS-CGM-DataServices,OU=Account Groups,OU=ITS Security,DC=pc,DC=internal,DC=macquarie,DC=com" -D CGM-DataMongoDB -w "<REDACTED>"
So it must be something wrong with my saslauthd config... This is what comes in the journal:
saslauthd[13916]: do_request : response: NO
saslauthd[13916]: Authentication failed for cgm-datamongodb: Bind to ldap server failed (invalid user/password or insufficient access) (-7)
saslauthd[13916]: do_auth : auth failure: [user=cgm-datamongodb] [service=loz] [realm=] [mech=ldap][reason=Unknown]
This blocks us from using Percona if we can't get the authentication working.
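
An added example, not part of the original post: a small lint for a saslauthd.conf of the shape shown above. It checks two things that can be read off the post, namely that the config uses ldap:// where the working ldapsearch used ldaps://, and that ldap_bind_dn carries none of the DC= components of ldap_search_base. The hostnames, DNs and finding codes are constructed placeholders, and the bind DN check is a heuristic, since a bind account can legitimately live in another domain.

```python
# Added example: lint a saslauthd.conf (LDAP backend) before running testsaslauthd.
# Hostnames and DNs below are constructed placeholders, not values from the post.
SAMPLE_CONF = """\
ldap_servers: ldap://dc01.corp.example.com
ldap_mech: PLAIN
ldap_search_base: DC=corp,DC=example,DC=com
ldap_filter: (sAMAccountName=%u)
ldap_bind_dn: CN=svc-mongo,OU=Service Accounts,OU=ITS
ldap_password: not-a-real-password
ldap_referrals: yes
"""


def parse_conf(text):
    """Parse 'key: value' lines; blank lines and '#' comments are skipped."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        key, value = line.split(":", 1)
        conf[key.strip().lower()] = value.strip()
    return conf


def norm_dn(dn):
    """Lowercase and trim each RDN. Assumption: no escaped commas in the DN."""
    return ",".join(part.strip().lower() for part in dn.split(","))


def lint(conf):
    """Return (code, message) findings. ldap_password is never echoed."""
    findings = []
    start_tls = conf.get("ldap_start_tls", "no").lower() == "yes"
    for uri in conf.get("ldap_servers", "").split():
        if uri.lower().startswith("ldap://") and not start_tls:
            findings.append(("CLEARTEXT", f"{uri}: bind DN and password cross "
                             "the network unencrypted; use ldaps:// or ldap_start_tls: yes"))
    bind_dn, base = conf.get("ldap_bind_dn", ""), conf.get("ldap_search_base", "")
    # Heuristic: a service account normally lives under the search base's domain.
    if "=" in bind_dn and base and not norm_dn(bind_dn).endswith(norm_dn(base)):
        findings.append(("BIND_DN", "ldap_bind_dn does not end with "
                         f"'{base}'; check that it is the account's full DN"))
    return findings


if __name__ == "__main__":
    for code, message in lint(parse_conf(SAMPLE_CONF)):
        print(f"{code}: {message}")
```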