Cyrus IMAPd -> SASL auxprop-plugin: ldapdb -> OpenLDAP
Torsten Schlabach
tschlabach at gmx.net
Tue Sep 26 02:09:58 EDT 2006
Hi!
Let me start with the same sentence which seems to belong to this
subject: I have read the archives and docs for days, ...
Let me try to keep my question as simple as possible:
My /etc/imapd.conf:
sasl_pwcheck_method: auxprop
sasl_auxprop_plugin: ldapdb
sasl_ldapdb_uri: ldap://127.0.0.1
sasl_ldapdb_id: cn=admin,dc=xxxxx,dc=yy
sasl_ldapdb_pw: *****
Alternatively I tried
sasl_ldapdb_id: admin
What I would expect to see happening is:
1. User logs on to IMAPd and supplies a username and a password. (I am
trying this using cyradm.)
2. Username and password are passed on to the SASL layer.
3. The SASL layer finds out that I am using ldapdb, so it passes the
username / password onto an LDAP bind.
4. OpenLDAP is supposed to do the sasl-regexp mapping, locate the object
to authenticate agains and just do it.
Step #4 seems to be ok, as I can test that with
ldapwhoami -U admin
I get an authentication success.
But trying through cyradm I don't even see any activity on the LDAP log.
So it appears as if IMAPd completely ignores any of the auxprop_plugin
settings and goes straight to sasldb, which I guess is the default.
How can I debug that?
How can I make sure the settings I have made in /etc/imapd.conf have an
effect at all?
As SASL is a library and not a process in itself, I would probably have
to tell IMAPd to do some more logging, don't I?
Regards,
Torsten
More information about the Cyrus-sasl
mailing list