postfix + saslauthd: SASL PLAIN authentication failed: no mechanism available
Ana Díez
Ana.Diez at si.upct.es
Mon Dec 5 10:27:46 EST 2011
El 01/12/2011 19:00, Dan White escribió:
> On 01/12/11 12:34 +0100, Ana Díez wrote:
>> Hi,
>>
>> I'm working to configure SASL (2.1.25) with Postfix 2.7.1. in Solaris
>> 10.
>>
>> I'm running saslauthd with ldap:
>>
>> /usr/local/sbin/saslauthd -a ldap
>>
>> And running manually "testsaslauthd" works ok
>> # /usr/local/sbin/testsaslauthd -u xxxx -p xxxxx
>> 0: OK "Success."
>>
>> But Postfix seems to ignore the "pwcheck_method". Although I set it as
>> "saslauthd", I receive "could not find auxprop plugin, was searching for
>> '[all]'", "SASL PLAIN authentication failed: no mechanism available"
>> im my
>> logs.
>>
>> The file /usr/local/lib/sasl2/smtpd.conf:
>
> I believe Postfix overwrites the confdir path via a callback. It appears
> that it is:
>
> *path = concatenate(var_config_dir, "/", "sasl:/usr/lib/sasl2", (char
> *) 0);
>
> For example:
>
> /etc/postfix/sasl:/usr/lib/sasl2
> You'll need to place your smtpd.conf file into one of those two
> directories for libsasl2 to see it.
I have already links from those directories to smtpd.conf
>
>> pwcheck_method: saslauthd
>> mech_list: PLAIN LOGIN
>> saslauthd_path: /var/state/saslauthd/
>
> saslauthd_path should include the full path to the mux, e.g.:
>
> saslauthd_path: /var/state/saslauthd/mux
>
Ok, I have made this change.
> If you happen to be running postfix chrooted (within master.cf), then
> that
> will affect where postfix (and libsasl2) will look for the saslauthd mux.
>
>> The Postfix configuration:
>>
>> # postconf -n | grep sasl
>> broken_sasl_auth_clients = yes
>> smtpd_client_restrictions = permit_mynetworks,
>> permit_sasl_authenticated, reject_unauth_destination,
>> check_relay_domains
>> smtpd_recipient_restrictions = permit_mynetworks,
>> permit_sasl_authenticated, check_relay_domains,
>> reject_non_fqdn_recipient
>> smtpd_sasl_auth_enable = yes
>> smtpd_sasl_path = smtpd
>> smtpd_sasl_security_options = noanonymous
>> smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
>
> Patrick's 'saslfinger' script might help to catch some other problems.
>
I have executed saslfinger but I didn't found any problem.
Deepening, I have seen that when I built cyrus sasl only static
libraries are created for auth mech:
#ls -l /usr/local/lib/sasl2/
-rwxr-xr-x 1 root root 795 dic 5 15:59 libsasldb.la
-rwxr-xr-x 1 root root 774 dic 5 15:59 libscram.la
-rwxr-xr-x 1 root root 768 dic 5 15:59 libotp.la
-rwxr-xr-x 1 root root 765 dic 5 15:59 libplain.la
-rwxr-xr-x 1 root root 765 dic 5 15:59 liblogin.la
-rw-r--r-- 1 root root 123568 dic 5 15:59 libsasldb.a
-rw-r--r-- 1 root root 126560 dic 5 15:59 libscram.a
-rw-r--r-- 1 root root 158248 dic 5 15:59 libotp.a
-rw-r--r-- 1 root root 69832 dic 5 15:59 libplain.a
-rw-r--r-- 1 root root 69008 dic 5 15:59 liblogin.a
I still get the same problem...
Thanks.
Ana
--
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/attachments/20111205/9c0e3650/attachment-0001.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: firma-escudoupct.jpg-blanco.JPG
Type: image/jpeg
Size: 29412 bytes
Desc: not available
Url : http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/attachments/20111205/9c0e3650/attachment-0001.jpe
More information about the Cyrus-sasl
mailing list