<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Tahoma
}
--></style></head>
<body class='hmmessage'><div dir='ltr'>
Hello,<br>
<br>
I've execute testsaslauthd as cyrus user a it's OK<br>
<br>
[root log]# su - cyrus<br>
[cyrus1 ~]$ /usr/sbin/testsaslauthd -u test-adm -p password<br>
0: OK "Success."<br>
<br>
On the other hand, I've done some test and I've execute imtest getting the following:<br>
<br>
# imtest -m plain 192.168.65.130 -a cyrus<br>
S: * OK Datadec-Online Cyrus IMAP4 v2.2.12-Invoca-RPM-2.2.12-19 server ready<br>
C: C01 CAPABILITY<br>
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND
BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE
LISTEXT LIST-SUBSCRIBED X-NETSCAPE<br>
S: C01 OK Completed<br>
C: A01 AUTHENTICATE PLAIN<br>
S: A01 NO encryption needed to use mechanism<br>
Authentication failed. generic failure<br>
Security strength factor: 0<br>
. login test-adm password<br>
. OK User logged in<br>
C: Q01 LOGOUT<br>
Connection closed.<br>
<br>
=========log==============<br>
Feb 13 17:16:02 srv-vln-pre1 imap1[29801]: telling master 2<br>
Feb 13 17:16:02 srv-vln-pre1 imap1[29801]: accepted connection<br>
Feb 13 17:16:02 srv-vln-pre1 imap1[29801]: telling master 3<br>
Feb 13 17:16:02 srv-vln-pre1 master[24579]: service imap1 pid 29801 in READY state: now unavailable and in BUSY state<br>
Feb 13 17:16:02 srv-vln-pre1 master[24579]: service imap1 now has 1 ready workers<br>
Feb 13 17:16:02 srv-vln-pre1 master[24579]: service imap1 pid 29801 in BUSY state: now serving connection<br>
Feb 13 17:16:02 srv-vln-pre1 master[24579]: service imap1 now has 1 ready workers<br>
*Feb 13 17:16:02 srv-vln-pre1 imap1[29801]: badlogin:
xmlfrwk.pre.datadec-online.com [192.168.65.130] PLAIN [SASL(-16):
encryption needed to use mechanism: security flags do not match
required]<br>
*Feb 13 17:16:11 srv-vln-pre1 imap1[29801]: login:
xmlfrwk.pre.datadec-online.com [192.168.65.130] test-adm plaintext User
logged in<br>
==========================<br>
<br>
As you can see on the first try I get "badlogin" but when I try ". login test-adm password" I'm able to log in.<br>
<br>
Regards.<br>
<br>
> Date: Mon, 13 Feb 2012 09:49:45 -0600<br>> From: dwhite@olp.net<br>> To: magiza83@hotmail.com<br>> CC: info-cyrus@lists.andrew.cmu.edu; awilliam@whitemice.org<br>> Subject: Re: Allow PLAIN login cyrus 2.2.12<br>> <br>> On 02/13/12 16:02 +0100, Manel Gimeno Zaragozá wrote:<br>> ><br>> >Hello,<br>> ><br>> >I've tried adding "asterisk" lines but nothing changes:<br>> ><br>> >=====imapd.conf====<br>> >sasl_pwcheck_method: saslauthd<br>> >sasl_mech_list: PLAIN<br>> >*sasl_minimum_layer: 0<br>> ><br>> >=====saslauthd.conf=====<br>> >ldap_servers: ldap://ldap.ldaptest.com:389/ ldap://srv-ln-repli1.ldaptest:389/<br>> >ldap_search_base: ou=pre_test,dc=org<br>> >ldap_bind_dn: cn=admin<br>> >ldap_password: password<br>> >ldap_scope: sub<br>> >ldap_filter: (|(cn=%U@%d)(uid=%u))<br>> >*ldap_auth_method: plain<br>> ><br>> >I'm still not able to log in#<br>> ><br>> >#imtest -m plain 192.168.1.5 -a test-adm<br>> > S: * OK Cyrus IMAP4 v2.2.12-Invoca-RPM-2.2.12-19 server ready<br>> > C: C01 CAPABILITY<br>>
> S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+
MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT
CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT
THREAD=REFERENCES ANNOTATEMORE IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE<br>> > S: C01 OK Completed<br>> > [Server did not advertise AUTH=PLAIN]<br>> > Authentication failed. generic failure<br>> > Security strength factor: 0<br>> <br>> On 02/13/12 12:55 +0100, Manel Gimeno Zaragozá wrote:<br>> >I can connect via testsaslauthd:<br>> >#testsaslauthd -u test-adm -p password<br>> > 0: OK "Success."<br>> ><br>> <br>> Check your syslog for any errors (auth facility). Verify that the user<br>> which imapd is running under has permissions to access the saslauthd mux.<br>> One way to verify that is with:<br>> <br>> sudo -u cyrus testsaslauthd -u test-adm -p password<br>> <br>> You may need to set:<br>> <br>> sasl_saslauthd_path: </full/path/to/saslauthd/mux>/mux<br>> <br>> Within imapd.conf. But your logs will provide an appropriate error if that<br>> option is needed.<br>> <br>> -- <br>> Dan White<br><br>Manel Gimeno Zaragoza<br>magiza83@hotmail.com<br><br><br><div><div id="SkyDrivePlaceholder"></div>> Date: Mon, 13 Feb 2012 09:49:45 -0600<br>> From: dwhite@olp.net<br>> To: magiza83@hotmail.com<br>> CC: info-cyrus@lists.andrew.cmu.edu; awilliam@whitemice.org<br>> Subject: Re: Allow PLAIN login cyrus 2.2.12<br>> <br>> On 02/13/12 16:02 +0100, Manel Gimeno Zaragozá wrote:<br>> ><br>> >Hello,<br>> ><br>> >I've tried adding "asterisk" lines but nothing changes:<br>> ><br>> >=====imapd.conf====<br>> >sasl_pwcheck_method: saslauthd<br>> >sasl_mech_list: PLAIN<br>> >*sasl_minimum_layer: 0<br>> ><br>> >=====saslauthd.conf=====<br>> >ldap_servers: ldap://ldap.ldaptest.com:389/ ldap://srv-ln-repli1.ldaptest:389/<br>> >ldap_search_base: ou=pre_test,dc=org<br>> >ldap_bind_dn: cn=admin<br>> >ldap_password: password<br>> >ldap_scope: sub<br>> >ldap_filter: (|(cn=%U@%d)(uid=%u))<br>> >*ldap_auth_method: plain<br>> ><br>> >I'm still not able to log in#<br>> ><br>> >#imtest -m plain 192.168.1.5 -a test-adm<br>> > S: * OK Cyrus IMAP4 v2.2.12-Invoca-RPM-2.2.12-19 server ready<br>> > C: C01 CAPABILITY<br>> > S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE<br>> > S: C01 OK Completed<br>> > [Server did not advertise AUTH=PLAIN]<br>> > Authentication failed. generic failure<br>> > Security strength factor: 0<br>> <br>> On 02/13/12 12:55 +0100, Manel Gimeno Zaragozá wrote:<br>> >I can connect via testsaslauthd:<br>> >#testsaslauthd -u test-adm -p password<br>> > 0: OK "Success."<br>> ><br>> <br>> Check your syslog for any errors (auth facility). Verify that the user<br>> which imapd is running under has permissions to access the saslauthd mux.<br>> One way to verify that is with:<br>> <br>> sudo -u cyrus testsaslauthd -u test-adm -p password<br>> <br>> You may need to set:<br>> <br>> sasl_saslauthd_path: </full/path/to/saslauthd/mux>/mux<br>> <br>> Within imapd.conf. But your logs will provide an appropriate error if that<br>> option is needed.<br>> <br>> -- <br>> Dan White<br></div> </div></body>
</html>