cyrus authentication

Mike O'Rourke mjoop at curia.op.org
Mon Feb 23 17:05:07 EST 2004


>>> Robby Russell <rrussell at commandprompt.com> 02/23/04 08:31pm >>>
>Robby Russell typed this on 02/23/2004 10:57 AM:
>> Hello,
>> I am new to cyrus and have been reading many webpages that contain 
>> walk-throughs, examples, etc and have run into a wall with trying to

>> figure out how I am to get cyrus to properly authenticate a user.
>> 
>> Installation of Cyrus IMAP4 v2.2.3 on RedHat 9.
>> 
>> /etc/imapd.conf (pretty much a copy of an example page)
>
>
>I am looking at a few other examples and am trying this configuration
now:
>
>/etc/imapd.conf
>
>> configdirectory: /var/imap
>> partition-default: /var/spool/imap
>> admins: cyrus root
>> srvtab: /var/imap/srvtab
>> allowanonymouslogin: no
>> sasl_passwd_check: shadow
>
>I added a user like so: (assuming I got the -a part right?)
># saslpasswd -c -u some-domain.com -a cyrus-imapd cyrus
>
>/var/log/cyrus-imapd.log
>> badlogin: ip.xx.xx.xx plaintext cyrus SASL(-13): user not found:
checkpass failed
>
>however:
>
># sasldblistusers
>user: cyrus realm: some-domain.com mech: CRAM-MD5
>user: cyrus realm: some-domain.com mech: PLAIN
>user: cyrus realm: some-domain.com mech: DIGEST-MD5
>
>
># sasldblistusers2
>cyrus at some-domain.com: userPassword
>
>So, the same user/pass is in both, but I am not sure which one I
should 
>be using and which one is saying that the user doesn't exist.
>
>Any thoughts?
>
>-Robby
>
Hello Robby,

The _only_ time sasldb (and hence saslpasswd) comes into play is when
your sasl_pwcheck_method is "auxprop" and your sasl_auxprop_plugin is
"sasldb".

If you want to use your *NIX password (shadow) file, you need your
sasl_pwcheck_method to be "saslauthd" and you need to start saslauthd
with the "-a shadow" option:
saslauthd -a shadow

Mike.
---
Home Page: http://asg.web.cmu.edu/cyrus
Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html




More information about the Info-cyrus mailing list