virtdomains dilemma

Ryan Corder ryanc at silverorb.net
Sun Mar 26 01:39:18 EST 2006 

greetings all,

I was hoping to get a bit of advice from everyone concerning
virtual domain support as it doesn't seem to be working correctly,
or should I say "as I would expect it to".

so, I've read up on the install-virtual HOWTO and pretty much
think I have everything setup as it should be.  here is my
imapd.conf:

  configdirectory:            /var/imap
  partition-default:          /var/spool/imap
  sievedir:                   /var/imap/sieve

  admins:                     cyrus

  allowanonymouslogin:        no
  allowplaintext:             no
  allowallsubscribe:          yes

  virtdomains:                yes
  defaultdomain:              silverorb.net
  servername:                 antares.silverorb.net
  hashimapspool:              yes

  sasl_pwcheck_method:        auxprop
  sasl_mech_list:             GSSAPI DIGEST-MD5 CRAM-MD5

I haven't even setup any users yet, the problem lies with me
trying to login as the 'cyrus' user and use cyradm.  Per the
documents, I should be able to authenticate as cyrus and it will
tack on the domain 'silverorb.net' (via the defaultdomain setting)
and pass it off to my authenctication, in this case being SASL.

here is the output of 'sasldblistusers2':
  cyrus at silverorb.net: userPassword

I've tried every conceivable permutation of setting admins,
virtdomains, and defaultdomain with no luck.  Here is basically
what I've run into.

  1.  when defaultdomain is enabled and set to my domain, I
      can't login, regardless of the username/password
  2.  when defaultdomain is disabled, I can login as
      'cyrus at silverorb.net' but can't do anything because I
      have 'cyrus' (no domain) set as the admin
  3.  I have found no way to login as just the user 'cyrus'.  I've
      even removed the domain from the user in SASL with no avail.

What I assumed is that I can have all of my old users in SASL as
'user at silverorb.net' but because of the 'defaultdomain' setting
they would only have to use their username without a domain as
their login.  Everytime a login fails, I get the following in
my logs:

  antares imaps[18263]: badlogin: localhost [127.0.0.1] DIGEST-MD5 [SASL(-13): user not found: no secret in database]

so, what am I doing wrong?  anything blatantly obvious?

thanks in advance,
ryanc

-- 
==============================================================
ryan corder <ryanc at silverorb dot net>
GnuPG key: http://silverorb.net/~ryanc/stuff/ryanc.asc
"There is a multi-legged creature crawling on your shoulder."
           -- Spock, "A Taste of Armageddon", stardate 3193.9
==============================================================
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : https://lists.andrew.cmu.edu/mailman/private/info-cyrus/attachments/20060326/137c72b0/attachment.bin

More information about the Info-cyrus mailing list