cyrus Global administrator

Igor Brezac igor at ipass.net
Thu Sep 8 11:56:37 EDT 2005


On Thu, 8 Sep 2005, Jesus Ruiz wrote:

> OK, I changed to the defaultdomain as you said. Now the file looks like this:
> configdirectory: /var/lib/imap
> partition-default: /var/spool/imap
> sasl_pwcheck_method: saslauthd
> sasl_mech_list: PLAIN LOGIN
> admins: cyrus
> allowanonymouslogin: no
> sievedir: /var/lib/imap/sieve
> sendmail: /usr/sbin/sendmail
> hashimapspool: true
> lmtp_downcase_rcpt: 1
> lmtp_over_quota_perm_failure: 1
> autocreatequota: 5120
> virtdomains: yes

Read 'man imapd.conf' and understand various options for virtdomains.

> defaultdomain: acelerate.org <http://acelerate.org>

This needs to be
defaultdomain: acelerate.org

> tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem
> tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem
> tls_ca_file: /usr/share/ssl/certs/ca-bundle.crt
>
> Now when I connect using:
> [root@mail ~]# cyradm -u cyrus --server localhost --auth plain

Use cyradm --user cyrus@acelerate.org --server localhost --auth plain

-Igor

> Password:
> IMAP Password:
> localhost.localdomain> dm user.postmaster1
> deletemailbox: Permission denied
> localhost.localdomain> cm user.postmaster@acelerate.org
> createmailbox: Invalid mailbox name
> localhost.localdomain> cm user.postmaster@acelerate.net
> createmailbox: Invalid mailbox name



> This is the ldap log:
>  On 9/8/05, Igor Brezac <igor at ipass.net> wrote:
>>
>>
>> On Thu, 8 Sep 2005, Jesus Ruiz wrote:
>>
>>> OK, I changed the imapd.conf to this:
>>> configdirectory: /var/lib/imap
>>> partition-default: /var/spool/imap
>>> sasl_pwcheck_method: saslauthd
>>> sasl_mech_list: PLAIN LOGIN
>>> admins: cyrus cyrus@localdomain
>>> allowanonymouslogin: no
>>> sievedir: /var/lib/imap/sieve
>>> sendmail: /usr/sbin/sendmail
>>> hashimapspool: true
>>> lmtp_downcase_rcpt: 1
>>> lmtp_over_quota_perm_failure: 1
>>> autocreatequota: 5120
>>> virtdomains: yes
>>> defaultdomain: acelerate.org <http://acelerate.org> <http://acelerate.org>
>>
>> This is not valid, use:
>>
>> defaultdomain: acelerate.org <http://acelerate.org>
>>
>>> tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem
>>> tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem
>>> tls_ca_file: /usr/share/ssl/certs/ca-bundle.crt
>>> but it didn't work out.
>>> Can you give me any pointers, I'm a newbie using cyrus, sasl and sendmail
>>> with ldap
>>
>> What errors do you get?
>>
>> Connect using cyrus@acelerate.org and create accts?
>>
>> -Igor
>>
>>> Thanks
>>>
>>> On 9/7/05, Igor Brezac <igor at ipass.net> wrote:
>>>>
>>>>
>>>> On Wed, 7 Sep 2005, Jesus Ruiz wrote:
>>>>
>>>>> Hello, I'm trying to configure a global administrator for cyrus-imapd, but
>>>>> the only thing I get is an administrator that can create mailboxes only for
>>>>> his domain.
>>>>> My /etc/imapd.conf is:
>>>>> configdirectory: /var/lib/imap
>>>>> partition-default: /var/spool/imap
>>>>> sasl_pwcheck_method: saslauthd
>>>>> sasl_mech_list: DIGEST-MD5
>>>>
>>>> This will not work. You cannot use saslauthd for shared secret mechs.
>>>>
>>>>> admins: cyrus@localdomain
>>>>
>>>> global admins need to be unqualified.
>>>>
>>>>> allowanonymouslogin: no
>>>>> sievedir: /var/lib/imap/sieve
>>>>> sendmail: /usr/sbin/sendmail
>>>>> hashimapspool: true
>>>>> lmtp_downcase_rcpt: 1
>>>>> lmtp_over_quota_perm_failure: 1
>>>>> autocreatequota: 5120
>>>>> virtdomains: yes
>>>>> tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem
>>>>> tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem
>>>>> tls_ca_file: /usr/share/ssl/certs/ca-bundle.crt
>>>>> When I try to create a mailbox for another domain I get:
>>>>> createmailbox: Invalid mailbox name
>>>>> Thank you very much.
>>>>>
>>>>
>>>> --
>>>> Igor
>>>>
>>>
>>
>> --
>> Igor
>>
>

-- 
Igor
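
The three corrections made in this thread (no shared-secret mechanisms with saslauthd, unqualified global admins, a bare defaultdomain) can be checked mechanically before restarting the server. The following is an added example, not part of the original messages or of Cyrus itself; the function names, the domain pattern and the set of values treated as "virtdomains off" are assumptions of this example.

```python
import re

# saslauthd only verifies a plaintext password; these mechanisms need the
# shared secret itself, so they cannot be served through saslauthd.
SHARED_SECRET_MECHS = {"DIGEST-MD5", "CRAM-MD5"}
# Assumption of this example: a simple "label.label" hostname shape.
BARE_DOMAIN = re.compile(r"^[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+$")

# Constructed sample: the relevant lines of the first imapd.conf in the thread.
SAMPLE = """\
sasl_pwcheck_method: saslauthd
sasl_mech_list: DIGEST-MD5
admins: cyrus@localdomain
virtdomains: yes
"""

def parse_imapd_conf(text):
    """Parse 'option: value' lines, skipping blank lines and '#' comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        key, value = line.split(":", 1)
        conf[key.strip().lower()] = value.strip()
    return conf

def check_imapd_conf(text):
    """Return findings for the configuration mistakes raised in the thread."""
    conf = parse_imapd_conf(text)
    findings = []
    if conf.get("sasl_pwcheck_method") == "saslauthd":
        mechs = set(conf.get("sasl_mech_list", "").upper().split())
        for mech in sorted(mechs & SHARED_SECRET_MECHS):
            findings.append(f"sasl_mech_list: {mech} cannot be used with saslauthd")
    # Assumption: any value other than these means virtual domains are enabled.
    if conf.get("virtdomains", "off").lower() not in ("off", "no", "0", "false"):
        for admin in conf.get("admins", "").split():
            if "@" in admin:
                findings.append(f"admins: {admin} is qualified; global admins need to be unqualified")
        domain = conf.get("defaultdomain")
        if domain is not None and not BARE_DOMAIN.match(domain):
            findings.append(f"defaultdomain: {domain!r} is not a bare domain name")
    return findings

if __name__ == "__main__":
    for finding in check_imapd_conf(SAMPLE):
        print(finding)
```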


