Geographically Redundant mail stores
Ken Murchison
ken at oceana.com
Tue Mar 18 22:12:59 EST 2003
"John C. Amodeo" wrote:
>
> Rob,
>
> >Admin users can authorize as any user they want.
>
> I've heard this can be done...but how exactly? Does it have something
> to do with the 'proxy user' setting or something? What if sasl is
> patched for LDAP and does not authenticate locally against the sasldb?
When you authenticate, you need to use a SASL mech which supports
proxying. Look at doc/mechanisms.html in the SASL distro for a complete
list. In your case, you should be able to use at least PLAIN (you can
use others if using OpenLDAP 2.2's auxprop plugin). Here's how you'd
authenticate as 'cyrus' and login as 'test' using imtest and cyradm:
imtest -a cyrus -u test -m plain localhost
cyradm --user cyrus --authz test --auth plain localhost
(cyradm uses some unfortunate/confusing names for the options)
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
More information about the Info-cyrus
mailing list