Realm Case Question

Mike Bydalek mbydalek at contentconnections.com
Wed Nov 16 10:50:21 EST 2005


Hello.

I'm using saslauthd with "-a kerberos5 -r"  Everything works fine, 
except when I try and specify the realm in lowercase.  For some reason, 
it's not converting that to the kerberos realm, and I'm wondering if a) 
it's even possible, and b) what I'm missing.

In my /etc/krb5.conf, I have the following:

[domain_realm]
        .contentconnections.com = CONTENTCONNECTIONS.COM
        contentconnections.com = CONTENTCONNECTIONS.COM


When I do a 'testsaslauthd -u <user> -p <pass> -r 
contentconnections.com', saslauthd returns:

saslauthd[7839]: do_auth         : auth failure: 
[user=<user>@contentconnections.com] [service=imap] 
[realm=contentconnections.com] [mech=kerberos5] [reason=saslauthd 
internal error]


Now, the question is, I thought with the [domain_realm] setting, it 
should recognize the lowercase and try to use Kerberos with the actual 
realm name, CONTENTCONNECTIONS.COM.

The reason I'm doing this is because I'm using Courier for IMAP and I'd 
like to keep using full e-mail addresses as usernames.  This will allow 
us to setup multiple domains and realms (which is the next step).

Any thoughts?

Thanks,
Mike


More information about the Cyrus-sasl mailing list