Virtual domains and LDAP

James Satterfield james at uberduper.com
Tue Aug 5 12:31:41 EDT 2003 

Aha! For some reason I interpreted the virtual domains document to mean that by
setting the default domain, if a user tries to use an unqualified username, it
will append the default domain for authentication. I have no idea what I was
thinking. This solves the problem and makes me very happy. Thank you.

James.

Quoting Ken Murchison <ken at oceana.com>:

> James Satterfield wrote:
> > I'm using a virtual domain setup based on usernames. So I have a domain
> > uberduper.com and a user jsatter at uberduper.com
> > I've got imapd setup to use saslauthd, and saslauthd setup to auth against
> LDAP.
> > If I assign the uid of jsatter at uberduper.com in ldap, testsaslauthd can
> > successfully auth, but imapd cannot. Looking at the logs suggests that
> imapd
> > isn't passing the entire username jsatter at uberduper.com to saslauthd. Just
> > "jsatter"
>
> This is because you have specified uberduper.com as your defaultdomain,
> which causes Cyrus to strip the domain.  defaultdomain is usually only
> used for backwards compatibility when upgrading an existing single
> domain installation.  Read the virtdomains docs in the distro for details.
>
>
> >
> > Thanks,
> > James.
> >
> > Config snippets:
> > imapd.conf
> >
> > virtdomains: yes
> > defaultdomain:  uberduper.com
> > configdirectory: /usr/local/var/imap
> > partition-default: /usr/local/var/spool/imap
> > allowplaintext: yes
> > admins: root cyrus
> > singleinstancestore: yes
> > duplicatesuppression: yes
> > sieveusehomedir: false
> > sievedir: /usr/local/var/imap/sieve
> > sendmail: /usr/sbin/sendmail
> > sasl_pwcheck_method: saslauthd
> > sasl_mech_list: plain
> > lmtpsocket: /usr/local/var/imap/socket/lmtp
> > idlesocket: /usr/local/var/imap/socket/idle
> > notifysocket: /usr/local/var/imap/socket/notify
> >
> >
> > saslauthd.conf
> > ldap_servers: ldap://64.62.153.124/
> > ldap_bind_dn: cn=root,dc=uberduper,dc=com
> > ldap_bind_pw: secret
> > ldap_search_base: dc=uberduper,dc=com
> > ldap_auth_method: custom
> >
> >
> > auth.log
> > Aug  4 20:44:36 knight saslauthd[48297]: do_auth         : auth failure:
> > [user=jsatter] [service=imap] [realm=] [mech=ldap] [reason=Unknown]
> >
> >
> >
>
>
> --
> Kenneth Murchison     Oceana Matrix Ltd.
> Software Engineer     21 Princeton Place
> 716-662-8973 x26      Orchard Park, NY 14127
> --PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp
>
>

More information about the Info-cyrus mailing list