<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Tahoma
}
--></style></head>
<body class='hmmessage'><div dir='ltr'>
Hello,<br><br>I've tried adding "<span class="clickable"><span class="q">asterisk"</span></span> lines but nothing changes:<br><br>=====imapd.conf====<br>sasl_pwcheck_method: saslauthd<br>sasl_mech_list: PLAIN<br>*sasl_minimum_layer: 0<br><br>=====saslauthd.conf=====<br>ldap_servers: ldap://ldap.ldaptest.com:389/ ldap://srv-ln-repli1.ldaptest:389/<br>ldap_search_base: ou=pre_test,dc=org<br>ldap_bind_dn: cn=admin<br>ldap_password: password<br>ldap_scope: sub<br>ldap_filter: (|(cn=%U@%d)(uid=%u))<br>*ldap_auth_method: plain<br><br>I'm still not able to log in#<br><br>#imtest -m plain 192.168.1.5 -a test-adm<br> S: * OK Cyrus IMAP4 v2.2.12-Invoca-RPM-2.2.12-19 server ready<br> C: C01 CAPABILITY<br> S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE<br> S: C01 OK Completed<br> [Server did not advertise AUTH=PLAIN]<br> Authentication failed. generic failure<br> Security strength factor: 0<br><br>Regards.<br><br>Manel Gimeno Zaragoza<br>magiza83@hotmail.com<br><br><br><div><div id="SkyDrivePlaceholder"></div><hr id="stopSpelling">From: magiza83@hotmail.com<br>To: awilliam@whitemice.org; info-cyrus@lists.andrew.cmu.edu<br>Subject: RE: Allow PLAIN login cyrus 2.2.12<br>Date: Mon, 13 Feb 2012 12:55:27 +0100<br><br>
<meta http-equiv="Content-Type" content="text/html; charset=unicode">
<meta name="Generator" content="Microsoft SafeHTML">
<style>
.ExternalClass .ecxhmmessage P
{padding:0px;}
.ExternalClass body.ecxhmmessage
{font-size:10pt;font-family:Tahoma;}
</style>
<div dir="ltr">
Hello,<br><br>I've noticed that if I do imtest from remote host I get different exit:<br><br>#imtest -m plain 192.168.1.5 -a cyrus<br> S: * OK Cyrus IMAP4 v2.2.12-Invoca-RPM-2.2.12-19 server ready<br> C: C01 CAPABILITY<br> S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE<br> S: C01 OK Completed<br> [Server did not advertise AUTH=PLAIN]<br> Authentication failed. generic failure<br> Security strength factor: 0<br><br>Anyway I answer your questions underline.<br><br>>> I'm trying to migrate mailbox from "cyrus-imapd-2.2.12-19" to<br>>> "cyrus-imapd-2.4.13-1.el6.x86_64" using imapsync.<br>>> The login is through ldap but the problem is that I can not login<br>>> through admin user to the cyrus old version (2.2.12). It shows me the<br>>> following error:<br>>> "Error login: [192.168.1.5] with user [test-adm] auth [PLAIN]: 2 NO<br>>> encryption needed to use mechanism"<br>>> S: L01 NO Login failed: authentication failure<br>>> Authentication failed. generic failure<br>>> Security strength factor: 0<br>>> I've created a test environment and there I have no problems as cyrus<br>>> i allowing auth plain.<br>><br>>Do you have "allowplaintext: 1" in imapd.conf? There is also<br>>"sasl_minimum_layer".<br><br>I've "allowplaintext: 1" defined, but I do not "sasl_minimum_layer" and I'm not sure about the value of this parameter.<br><br>>> #imtest -m plain 192.168.1.6 -a test-adm<br>>> S: * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE AUTH=PLAIN<br>>> SASL-IR] cyrus3-test Cyrus IMAP v2.4.13-Invoca-RPM-2.4.13-1.el6 server<br>>> ready<br>><br>>Are you authenticating via saslauthd [since you are using PLAIN]? If so<br>>can you suceed with testsaslauthd -u .... ?<br><br>I can connect via testsaslauthd:<br>#testsaslauthd -u test-adm -p password<br> 0: OK "Success."<br><br><br>>> I've tried to configure old cyrus with the same parameters but it<br>>> doesn't work. I've added the following line to imapd.conf but nothing<br>>> change, I get the same response without AUTH=PLAIN<br>>> sasl_mech_list: PLAIN<br>><br>>Are you sude your LDAP connection is configured the same way? [OpenLDAP<br>>uses the SSF concept too]. Perhaps you certificates are expired or<br>>misconfigured [permissions]?<br><br>I guess LDAP is correctly configured as new cyrus server is connecting to the same LDAP server and it works (I've no acces to LDAP configuration)<br><br>>> I don't know if I need to force plain login in saslauthd.conf as well,<br>>> or if there is some parameter that I should specify because in old<br>>> versions it's needed.<br><br><br>Manel Gimeno Zaragoza<br>magiza83@hotmail.com<br>                                            </div>
<br>----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/</div>                                            </div></body>
</html>