<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Tahoma
}
--></style></head>
<body class='hmmessage'><div dir='ltr'>
Hello,<br><br>I've noticed that if I do imtest from remote host I get different exit:<br><br>#imtest -m plain 192.168.1.5 -a cyrus<br> S: * OK Cyrus IMAP4 v2.2.12-Invoca-RPM-2.2.12-19 server ready<br> C: C01 CAPABILITY<br> S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE<br> S: C01 OK Completed<br> [Server did not advertise AUTH=PLAIN]<br> Authentication failed. generic failure<br> Security strength factor: 0<br><br>Anyway I answer your questions underline.<br><br>>> I'm trying to migrate mailbox from "cyrus-imapd-2.2.12-19" to<br>>> "cyrus-imapd-2.4.13-1.el6.x86_64" using imapsync.<br>>> The login is through ldap but the problem is that I can not login<br>>> through admin user to the cyrus old version (2.2.12). It shows me the<br>>> following error:<br>>> "Error login: [192.168.1.5] with user [test-adm] auth [PLAIN]: 2 NO<br>>> encryption needed to use mechanism"<br>>> S: L01 NO Login failed: authentication failure<br>>> Authentication failed. generic failure<br>>> Security strength factor: 0<br>>> I've created a test environment and there I have no problems as cyrus<br>>> i allowing auth plain.<br>><br>>Do you have "allowplaintext: 1" in imapd.conf? There is also<br>>"sasl_minimum_layer".<br><br>I've "allowplaintext: 1" defined, but I do not "sasl_minimum_layer" and I'm not sure about the value of this parameter.<br><br>>> #imtest -m plain 192.168.1.6 -a test-adm<br>>> S: * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE AUTH=PLAIN<br>>> SASL-IR] cyrus3-test Cyrus IMAP v2.4.13-Invoca-RPM-2.4.13-1.el6 server<br>>> ready<br>><br>>Are you authenticating via saslauthd [since you are using PLAIN]? If so<br>>can you suceed with testsaslauthd -u .... ?<br><br>I can connect via testsaslauthd:<br>#testsaslauthd -u test-adm -p password<br> 0: OK "Success."<br><br><br>>> I've tried to configure old cyrus with the same parameters but it<br>>> doesn't work. I've added the following line to imapd.conf but nothing<br>>> change, I get the same response without AUTH=PLAIN<br>>> sasl_mech_list: PLAIN<br>><br>>Are you sude your LDAP connection is configured the same way? [OpenLDAP<br>>uses the SSF concept too]. Perhaps you certificates are expired or<br>>misconfigured [permissions]?<br><br>I guess LDAP is correctly configured as new cyrus server is connecting to the same LDAP server and it works (I've no acces to LDAP configuration)<br><br>>> I don't know if I need to force plain login in saslauthd.conf as well,<br>>> or if there is some parameter that I should specify because in old<br>>> versions it's needed.<br><br><br>Manel Gimeno Zaragoza<br>magiza83@hotmail.com<br> </div></body>
</html>