Replication problem

David Korpiewski davidk at cs.umass.edu
Tue May 16 17:25:12 EDT 2006


Hello Patrick!

I set the sasl_pwcheck_method to be PLAIN from what it used to be 
(saslauthd) on the replica server.

Still doesn't work though, it gives me this error:
badlogin: lmc1.cs.umass.edu [128.119.243.236] DIGEST-MD5 [SASL(-13): 
user not found: no secret in database]

HISTORY:
our servers are set up with saslauthd for their sasl_pwcheck_method. 
Saslauthd uses PAM for ldap authentication.  This works fine for 
receiving email and authenticating users with their mail clients. 
However, this doesn't appear to work for sync_server when authenticating 
the sync_client.

These are pieces of my replica's imapd.conf:

sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN
sync_authname: cyrus
sync_log: 1
sync_host: lmc2.cs.umass.edu
sync_repeat_interval: 5
sync_password: XXXXXXXXXX


Thank you for any help you can offer!
David


Patrick Radtke wrote:
> 
> did you try setting
> sasl_pwcheck_method on the replica?
> 
> 'unix' isn't a SASL mechanism.
> 
> you may want to try PLAIN (what do you use currently on the primary 
> server)?
> 
> on the replica use this line
> sasl_mech_list: PLAIN
> 
> to make it only advertise PLAIN authentication, and then the primary 
> machine will try using that sasl mechanism when connecting.
> This will then invoke what you have for your sasl_pwcheck_method.
> 
> -Patrick
> 
> On May 16, 2006, at 3:47 PM, David Korpiewski wrote:
> 
>> I'm in the middle of trying to set up replication.  However, I keep 
>> running into a problem.
>>
>> The replication error I'm getting on the replica is this if I don't 
>> specify a sync_authname and sync_password:
>>
>>  syncserver[7682]: starttls: TLSv1 with cipher AES256-SHA (256/256 
>> bits new) no authentication
>>
>> I get this error if I'm specifying a sync_authname and sync_password:
>>
>>  badlogin: lmc1.cs.umass.edu [128.119.243.236] DIGEST-MD5 [SASL(-13): 
>> user not found: no secret in database]
>>
>> MY QUESTION IS THIS:
>> How can I change what sync_server uses for its authentication?  I want 
>> it to either use LDAP or the local passwd/shadow files.  It obviously 
>> keeps trying to use DIGEST-MD5, in which case it would have to look 
>> for a md5 file in a particluar location, but I don't see how to 
>> specify that either.
>>
>> I tried setting auth_mech and sasl_auth_mech to be "unix" in the 
>> /etc/imapd.conf but that doesn't change anything.
>>
>> Can anyone help me?
>> Thanks,
>> David
>>
>>
>>
>> ----------------------------------------------------------
>> David Korpiewski                     Phone: 413-545-4319
>> Software Specialist I                Fax:   413-577-2285
>> Department of Computer Science       ICQ:   7565766
>> University of Massachusetts Amherst
>> --------------------------------------------------------
>>
>> ----
>> Cyrus Home Page: http://asg.web.cmu.edu/cyrus
>> Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

-- 
--------------------------------------------------------
David Korpiewski                     Phone: 413-545-4319
Software Specialist I                Fax:   413-577-2285
Department of Computer Science       ICQ:   7565766
University of Massachusetts Amherst
--------------------------------------------------------



More information about the Info-cyrus mailing list