Move sasldb2 between two servers

Patrick Ben Koetter p at state-of-mind.de
Tue Jun 12 03:12:19 EDT 2007


* Martin Schweizer <schweizer.martin at gmail.com>:
> Hello
> 
> I ask this question a long time ago but had no time until now. Here is
> a snip of the conversation:

Fine.
Is there any question associated with your post or is it just for the books?

p at rick




> 
> [snip]
> ...
> 
> An entry in sasldb contains 3 or maybe 4 parts. Username, Realm, Password 
> (and
> Type: the "userPassword"). If your users uses only a Username, without
> @domain-Part, the Hostname of the Server is used for this key. This is
> servername in imapd.conf for Cyrus-Imapd.
> 
> Either create entries with:
> 
> # saslpasswd -cu domain.tld username
> 
> And tell your users to use "user at domain.tld" as Username. This should work 
> on
> both servers, then.
> 
> Or if you (have already) create(d) entries with:
> 
> # saslpasswd -c username
> 
> The Hostname of the Server is used and either your Users use
> "username at host.domain.tld" as username or you have to change something
> between the Source and Destination (Backup) Server. The easiest is to change
> the servername (imapd.conf) of the Backup-Server to be equal the other. Then
> Users can use "username" on both servers.
> 
> >> the Hostname of the Source-Server. Or change sasldb after copying. Or...
> >
> >... what you mean with "change sasldb after copying"? Do something by hand?
> 
> If the databasetype is bdb, you can use db_dump/db_load
> 
> # db_dump -p /etc/sasldb2 | sed 's/host1\.domain\.tld/host2.domain.tld/' |
> db_load /etc/sasldb2_new
> 
> This is only an example, if you really want to use something like that, you
> should work at least on the regexp in sed.
> 
> Or a little Perl-Script.
> 
> [snip]
> 
> I have two cyrus mail server with exact the same setup which runs in a
> master/slave syncroniation. It works perfect. The problem is I need to
> update both sasldb2 files if I get a new user. As you can read above
> there are some solutions. In my environment the
> 
> # saslpasswd -cu domain.tld username
> 
> is the best way because I have only about 30 users. I tested the above
> but could not authentication correct. What do I wrong?
> 
> Kind regards,
> 
> --
> Martin Schweizer
> schweizer.martin at gmail.com
> Tel.: +41 32 512 48 54 (VoIP)
> Fax: +1 619 3300587

-- 
The Book of Postfix
<http://www.postfix-book.com>
saslfinger (debugging SMTP AUTH):
<http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>


More information about the Cyrus-sasl mailing list