Virtdomains: inter-domain admins do not work ---- was Re: Cannot get loginrealms to work with 2.0.16

Christian Schulte cs at schulte.it
Fri Oct 4 22:29:39 EDT 2002


>
>> Your other choice is to skip 2.1 and jump into 2.2
>> available from CVS.  Since you're already compiling
>> your cyrus (as opposed to prepackaged binary) and
>> you want virtual domains support (and willing to go
>> to great lengths to get it), I'd suggest getting the
>> 2.2 branch which has native virtual domain support
>> built into it.
>>
>> There are a few ppl on the list who have been running
>> the 2.2 branch for a couple weeks now and don't seem
>> to be having any problems with it at all.
>
Hello again,

actually I got the CVS branch up and running. I am now running the 2_2
CVS branch successfully on the same machine the 2.0.16 with SASL1 still
runs on! Cyrus 2_2 got its own alias interface and the machine has two
IPs now. I just had to tweak one option in the masterconf.c source to
make the cyrus-2_2 master read a cyrus.conf file other than
/etc/cyrus.conf. The 2.0.16 master reads /etc/cyrus.conf as usual and
the 2.2 master now reads /etc/cyrus.conf.v2. Every other configuration
necessary for such a setup could be specified in the cyrus.conf files.
The old cyrus.conf file is read by 2.0.16 for binding to the primary IP
and starting the old binaries, and the second cyrus.conf.v2 file is for
the 2.2 master to bind to the secondary IP and to start the new binaries
with their own configuration files specified by the -C option. That all
worked great and was much easier than I expected it to be! If I had not
forgotten to specify a different path to the sieve scripts for 2.2 than
for 2.0.16, I would not have lost all my scripts. mkimap created a new
/usr/sieve structure and deleted the already existing one. But that was
something I simply forgot about. For the new 2.2 I have the following
imapd.conf file:

configdirectory: /var/imap
partition-default: /var/spool/imap
admins: admin@somedomain.com
servername: mailserver.somedomain.com
localdomain: somedomain.com
sasl_pwcheck_method: auxprop
sasl_auxprop_plugin: sasldb
sasl_allowanonymouslogin: no
sasl_allowplaintext: yes
tls_cert_file: /usr/local/var/imap/server.pem
tls_key_file: /usr/local/var/imap/server.pem
tls_ca_file: /usr/local/var/imap/CAcert.pem
idlesocket: /usr/local/var/imap/socket/idle
loginrealms: realm1.com realm2.net
unixhierarchysep: yes
virtdomains: yes
altnamespace: no

If I create a user simply with saslpasswd2 -c admin in the local realm,
I get the following situation:

admin@somedomain.com: userPassword

If I log in with "admin", I get the administration options but cannot
create mailboxes in any domain other than somedomain.com (Invalid
mailbox name), and I cannot see any mailboxes other than those in
somedomain.com, thus domain administration seems to work.
If I log in with "admin@somedomain.com", I do not get any
administration options and only see the admin inbox which I created for
testing. I cannot get the difference here!
The DNS reverse lookup of the IP resolves correctly to
mailserver.somedomain.com and /etc/nodename also says somedomain.com.
Domain administration seems to work if logging in without an
@localrealm, but inter-domain administration completely does not work
for me.

Changing the admins: line to

admins: admin


If I now log in with "admin", I get administration options but cannot
see any user mailbox and again can only see the admin inbox. If I try to
create a mailbox like user/test I get permission denied. If I create a
mailbox like user/test@otherdomain.com I get Invalid mailbox name.
If I log in with "admin@somedomain.com", I do not get any
administration options and again only see the admin inbox. So
inter-domain administrators do not work!
What am I doing wrong? Any hints would be helpful!


---Christian---






