creating users

Ken Murchison ken at oceana.com
Tue Aug 12 23:36:41 EDT 2003



Christian Schulte wrote:

> Am Dienstag, 12. August 2003 02:58 schrieb Ken Murchison:
> 
>>Christian Schulte wrote:
>>
>>>Am Montag, 11. August 2003 23:50 schrieb Norman Zhang:
>>>
>>>>Hi,
>>>>
>>>>I'm a little confused on the process of creating users. First I "su
>>>>cyrus" then I typed the following commands,
>>>>
>>>>
>>>>>cyradm localhost
>>>>>cm user.joebob
>>>>>quit
>>>>>exit (back as root)
>>>>>saslpasswd joebob
>>>>
>>>>Now does joebob require an account on my Linux box?
>>>
>>>That depends on how you configured SASL! If you use PAM with SASL yes
>>>otherwise you should not need to.
>>
>>Why would PAM require him to have local user accounts?  I use PAM and
>>don't have local accounts.
> 
> 
> You are right! After re-reading several parts of documentation I am pretty 
> shure I totally misunderstood PAM ;-)
> It does not require him to use local accounts but enables the possibility to 
> do so.
> 
> Btw: I am using auxprop mysql. How do I have to create the shared secrets in 
> mysql database for CRAM-MD5 and DIGEST-MD5 correctly (the values for the 
> cmusaslsecretXXXX fields) ? For cmusaslsecretPLAIN everything works fine. I 
> tried mysql MD5() function but I think the secrets cannot be produced by some 
> mysql function and need special processing. Any pointers ?

Rather than setting a separate secret for each mechanism, just set the 
userPassword secret.  It will be used by every mechanism other than OTP, 
(that was one of the main reasons for getting away from per-mech secrets).

-- 
Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp





More information about the Info-cyrus mailing list