cyrus + virtdomains + ldap admins problems

Mike mike at uniserve.com
Mon Jul 24 23:05:56 EDT 2006


I'm setting up Cyrus 2.3.7, and I've successfully got it up and running with
virtual domains,

replication, and authenticating using sasl + ldap.

 

I'm trying to use a single "admins" user (cyradmin) between the master and
replica for

consistency, and so that I can use it for administering all the virtual
domains on the

machine (rather than having an admin per realm), but I'm having a problem
authenticating

the cryadmin user when I use LDAP auth.

 

In my ldap database, I've specified the cyradmin user as
cyradmin at example.com.

 

testsaslauthd authenticates the user fine

 

--snip-

 

[root at mstore1a /]# testsaslauthd -u cyradmin -r example.com -p password

0: OK "Success."

 

--snip-

 

but neither logging with fully qualified or non-fully qualified works via
IMAP

 

--snip-

 

[root at mstore1a /]# telnet localhost imap

Trying 127.0.0.1...

Connected to localhost (127.0.0.1).

Escape character is '^]'.

* OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID STARTTLS] mstore1a.uniserve.ca
IMAP4  server ready

dm login cyradmin password

dm NO Login failed: authentication failure

dm login cyradmin at example.com password

dm NO Login failed: authentication failure

 

--snip-

 

I have also verified that creating a domain specific admin (ie- user at domain)
works fine, and I can login

with it and create mailboxes. Although, this does not work for the
replication config, as I need to be

able to replicate all accounts from all domains.

 

Is there something I'm missing?

 

Any help would be great.

 

Mike

 

 

 

my imapd.conf file is as follows:

 

--snip-

 

configdirectory: /u/imap

 

sasl_pwcheck_method: saslauthd

sasl_mech_list: PLAIN

 

lmtp_over_quota_perm_failure: yes

lmtp_downcase_rcpt: yes

lmtp_strict_quota: yes

 

unixhierarchysep: yes

expunge_mode: delayed

flushseenstate: yes

fulldirhash: yes

hashimapspool: yes

 

partition-default: /mstore1a/cyrus/p0

partition-p0: /mstore1a/cyrus/p0

partition-p1: /mstore1a/cyrus/p1

partition-p2: /mstore1a/cyrus/p2

partition-p3: /mstore1a/cyrus/p3

partition-p4: /mstore1a/cyrus/p4

partition-p5: /mstore1a/cyrus/p5

partition-p6: /mstore1a/cyrus/p6

partition-p7: /mstore1a/cyrus/p7

partition-p8: /mstore1a/cyrus/p8

partition-p9: /mstore1a/cyrus/p9

 

metapartition_files: header index cache expunge squat

metapartition-default: /u/metadata/p0

metapartition-p0: /u/metadata/p0

metapartition-p1: /u/metadata/p1

metapartition-p2: /u/metadata/p2

metapartition-p3: /u/metadata/p3

metapartition-p4: /u/metadata/p4

metapartition-p5: /u/metadata/p5

metapartition-p6: /u/metadata/p6

metapartition-p7: /u/metadata/p7

metapartition-p8: /u/metadata/p8

metapartition-p9: /u/metadata/p9

 

poptimeout: 1

admins: cyradmin

 

sievedir: /u/imap/sieve

sendmail: /usr/sbin/sendmail

 

virtdomains: yes

defaultdomain: example.com

 

tls_cipher_list: TLSv1 :SSLv3 :SSLv2 : !DES : !LOW :@STRENGTH

tls_ca_file: /usr/local/cyrus-imapd/etc/ssl/server.pem

tls_cert_file: /usr/local/cyrus-imapd/etc/ssl/server.pem

tls_key_file: /usr/local/cyrus-imapd/etc/ssl/server.pem

 

#

# Replication Config

#

sync_host: mstore1b

sync_authname: cyradmin

sync_password: password

sync_machineid: 1

sync_log: yes

sync_repeat_interval: 10

 

--snip-

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.andrew.cmu.edu/mailman/private/cyrus-devel/attachments/20060724/3af55e42/attachment.html


More information about the Cyrus-devel mailing list