Secure Password Authentication

Andreas andreas at conectiva.com.br
Thu Dec 18 11:47:42 EST 2003


On Thu, Dec 18, 2003 at 11:26:21AM -0500, Ken Murchison wrote:
> What kind of errors were you getting?
> 
> It does work here (where I wrote it), and I believe other's have used it 
> as well.  You can use it with either the user's password stored in an 
> auxprop backend (e.g. sasldb2) or by proxying the auth to an NT/2K/Samba 
> server.

imtest + ntlm worked just fine, but when using OE I got "user not found" kind of
messages in cyrus' logs. I then created a certificate and started using
plain text login with ssl/tls.

Let me see if I still have the error messages in syslog..
Ah, found some.

Using OE (on my home lan):
Dec  7 21:27:26 mac imapd[14509]: NTLM server step 1 
Dec  7 21:27:26 mac imapd[14509]: NTLM server step 2 
Dec  7 21:27:26 mac imapd[14509]: no secret in database
Dec  7 21:27:26 mac imapd[14509]: badlogin: maestro.lowtech[192.168.1.2] NTLM [SASL(-13): user not found: no secret in database]
Dec  7 21:27:34 mac imapd[14509]: NTLM server step 1 
Dec  7 21:27:34 mac imapd[14509]: NTLM server step 2 
Dec  7 21:27:34 mac imapd[14509]: incorrect NTLM responses
Dec  7 21:27:34 mac imapd[14509]: badlogin: maestro.lowtech[192.168.1.2] NTLM [SASL(-13): authentication failure: incorrect NTLM responses]
Dec  7 21:27:40 mac master[14214]: process 14391 exited, status 0



Using imtest (from a remote server, that's why it took longer than the previous test):
Dec  7 21:33:45 mac imapd[14582]: NTLM server step 1 
Dec  7 21:34:03 mac imapd[14582]: NTLM server step 2 
Dec  7 21:34:03 mac imapd[14582]: login: remoteserver[1.2.3.4] andreas NTLM User logged in


# sasldblistusers2 
andreas at mac.lowtech: userPassword





More information about the Info-cyrus mailing list