LDAP Configuration issue inside container

I’m trying to set up LDAP for recently created Percona Server for MongoDB but I’m still struggling with some issues
I’ve been following this doc:

I’m using official PSMDB image downloaded with


I’m following all required commands step by step:

sudo  yum install -y cyrus-sasl
sudo sed -i -e s/^MECH=pam/MECH=ldap/g /etc/sysconfig/saslauthd 

My handmade /etc/saslauthd.conf file looks like this:

ldap_servers: ldap://subdomain.domain.top-level-domain:389
ldap_mech: PLAIN
ldap_search_base: OU=my-ou,DC=subdomain,DC=domain,DC=top-level-domain
ldap_bind_dn: CN=ldap-user,CN=users,OU=my-ou,DC=subdomain,DC=domain,DC=top-level-domain
ldap_password: 'my-password'

I’m unable to use systemctl inside container so I had to run saslauthd with the one of commands below:

saslauthd -a ldap
saslauthd -d -a ldap
sudo chmod 755 /run/saslauthd

It’s weird as sasl group does not exist while I tried to add this:

sudo usermod -a -G sasl mongod

At last I’m testing the connection with test command:

testsaslauthd -u ldap-user -p my-password  -f /var/run/saslauthd/mux

The error below is going to be displayed instantly right after executing test command:

0: NO "authentication failed"

As for me it’s strange as I need to define auth method in command although it has been set in /etc/saslauthd.conf before. Moreover it seems like a config is being ignored completely by the command

I’ve been testing my ldap connection with ldapsearch - it’s fine. It’s been also tested in local Ubuntu environment. Although the systemctl is available here, I’m still getting the same error.

Could somebody advise please what’s wrong?
Thanks in advance

Please halp, there’re my logs.

 : attempting a read lock on slot: 77
:[login=me] [service=imap] [realm=]: not found, update pending
: attempting to release lock on slot: 77
: acquired accept lock
 Authentication failed for me: Bind to ldap server failed (invalid user/password or insufficient access) (-7)
                 : auth failure: [user=me] [service=imap] [realm=] [mech=ldap] [reason=Unknown]
                 : response: NO

Updated config:

ldap_servers: ldap://subdomain.domain.top-level-domain:389
ldap_mech: PLAIN
ldap_search_base: OU=my-ou,DC=subdomain,DC=domain,DC=top-level-domain
ldap_filter: (sAMAccountName=%u)
ldap_bind_dn: CN=ldap-admin-user,OU=my-ou,DC=subdomain,DC=domain,DC=top-level-domain
ldap_password: "my password"
ldap_debug: -1


DESC="SASL Authentication Daemon"
OPTIONS="-c -V -m /var/run/saslauthd -O /etc/saslauthd.conf"

I have built image of OpenLDAP server in container and this one works perfectly, unfortunately I need LDAP directly from AD to be working as well

I got it at last. The issue is a password including some special characters like @, #, $ etc. inside saslauthd.conf file. For example, you cannot use quotation marks like this as it’s not going to work

ldap_password: "my-password"

Another account has been used for auth process that has no special characters, just letters and digits

ldap_password: normalpassword2137