在我编辑文件 /etc/saslauthd.conf 并重新启动 openLDAP 后,testsaslauthd 仅在第一次运行时有效,第二次运行时显示身份验证失败。当我重新编辑文件并重新启动 openLDAP 时,它将重复以下结果。
#testsaslauthd -u testuser -p testPassword
0: OK "Success."
# testsaslauthd -u testuser -p testPassword
0: NO "authentication failed"
我的配置如下
/etc/saslauthd.conf
ldap_servers: ldap://10.10.88.103
ldap_search_base: cn=users,dc=ldapcentos,dc=com
ldap_filter: (uid=%u)
/etc/sysconfig/saslauthd
# Directory in which to place saslauthd's listening socket, pid file, and so
# on. This directory must already exist.
SOCKETDIR=/var/run/saslauthd
# Mechanism to use when checking passwords. Run "saslauthd -v" to get a list
# of which mechanism your installation was compiled with the ablity to use.
MECH=ldap
# Options sent to the saslauthd. If the MECH is other than "pam" uncomment the next line.
DAEMONOPTS=--user saslauth
# Additional flags to pass to saslauthd on the command line. See saslauthd(8)
# for the list of accepted flags.
FLAGS="-O /etc/saslauthd.conf"
答案1
我找到了问题
DAEMONOPTS=--user saslauth
===>DAEMONOPTS="--user saslauth"
还需要确保 /var/run/saslauthd
可以访问