Using MySQL plugin and NTLM - obscure gotcha

Dave O cxreg at
Fri May 23 18:48:50 EDT 2003

You could alter your MySQL query to look like this:

SELECT * FROM foo WHERE BINARY bar = 'value'

which makes the SELECT into a case-sensitive query.  HTH

	Dave O

On Fri, 23 May 2003, Nels Lindquist wrote:

> Okay, this one's *fun.*
> If by "fun" you mean "spending all afternoon trying to figure out why
> exactly Lookout Explode(tm) is behaving the way it is."
> Anyway, I'm using:
> Cyrus SASL 2.1.13 with MySQL plugin and NTLM support
> Cyrus IMAPD 2.1.13
> LOGIN, PLAIN, CRAM-MD5 and DIGEST-MD5 (+/- TLS) work perfectly with
> SASL2 auth tokens stored in a MySQL table.  I decided to try
> recompiling SASL2 to take advantage of NTLM support, as we have a few
> users relying on MS clients.
> Problem:  MySQL SELECT statements are case insensitive.  Cyrus IMAP
> namespace is not.  Clients logged into Windows with any case
> variation of their username can authenticate with NTLM.  However,
> since the authentication token is passed on to IMAP completely
> unmodified, case variants of the username token other than all-
> lowercase don't map to valid IMAP namespace, and 'LIST "" "INBOX"'
> returns nothing useful.
> OE then tries to create an INBOX, but of course has no permission to
> do so, and the request fails.
> Is there some equivalent to Samba's "username level" directive that
> could be used to force the user auth token to lowercase somewhere
> along the way?
> Thanks for any suggestions!
> ----
> Nels Lindquist <*>
> Information Systems Manager
> Morningstar Air Express Inc.

More information about the Info-cyrus mailing list