SASL LDAP authentication failure

Question

Trying to use SASL AND LDAP to authenticate user in RedHat Linux. So far I\'ve setup the saslauthd service and its up and

Answer 1

I went through the exercise of setting SASL setup with OpenLDAP and TLS on RedHat Linux 7.2 and I managed to get something similar working fine.

As I mentioned in my previous post, make sure that you have the cyrus-sasl-md5 package installed.

I would first try to get everything working without SSL. Only after you have your setup working without SSL move to the SSL part.

• You need to make sure that saslauthd accepts the CA certificate of the certificate used by the LDAP server. In particular,
  ldap_tls_cacert_file option in /etc/saslauthd.conf is your friend
• If you have SELinux enabled, make sure that saslauthd can access the certificate files. If you are unsure, tail the /var/log/audit/audit.log file and look for entries with the "denied" keyword. I have found the audit2allow tool a great way to enable access that was previously denied. You can also just disable SELinux temporarily using the setenforce Permissive command