mupdate auth configuration
prentice at rcsb.rutgers.edu
Wed Feb 18 15:09:37 EST 2004
Thanks for the response. Unfortunately, that's not my problem:
# mupdatetest -p 3905 -u mupdater 184.108.40.206
S: * AUTH "PLAIN"
S: * STARTTLS
Jim Levie wrote:
> On Tue, 2004-02-17 at 15:59, Prentice Bisbal wrote:
>>Im setting up Cyrus on a SAN where /var/spool/imap is shared via the
>>san. I'm using the unified-imap branch as suggested by Ken Murchison.
>>Everything seems to be working except mupdate. When I try to create a
>>mailbox, I get the following error
>>localhost.localdomain> cm user.prentice
>>createmailbox: no authentication to server
>>I suspect it may be a SASL issue. I've tried the mupdate login names
>>with and without the domain/realm appended to the username.
> If it is the same problem I just found, then it is a SASL problem.
>>Feb 17 16:53:29 pdb-mail-1 imap: authentication to remote mupdate
>>server failed: "undefined error!"^M
> I don't know which version of Cyrus you are running, but that error is
> remarkably similar to what mupdate-client.c procduces on 2.2.3. I see
> that you are using sasldb2, which makes me think it may be the same
> problem I had.
> What I found was that SASL is being too helpful in trying to use the
> strongest authentication method possible. If SASL was build with
> Kerberos support and you aren't using Kerberos that is the only method
> mupdate will try, which of course will fail. You can tell if this is the
> case by executing:
> mupdatetest -p 3905 -u mupdater 220.127.116.11
> and checking the "* AUTH" line for GSSAPI.
> I don't see a way of limiting the mupdate server's allowable auth mechs
> in the imapd.conf, but I found that renaming the
> /usr/lib/sasl2/libgssapiv2* plugins and restarting Cyrus on the mupdate
> server is a workable solution.
Home Page: http://asg.web.cmu.edu/cyrus
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus