mupdate auth configuration

Prentice Bisbal prentice at
Wed Feb 18 15:09:37 EST 2004


Thanks for the response. Unfortunately, that's not my problem:

# mupdatetest -p 3905 -u mupdater


Jim Levie wrote:
> On Tue, 2004-02-17 at 15:59, Prentice Bisbal wrote:
>>Im setting up Cyrus on a SAN where /var/spool/imap is shared via the 
>>san. I'm using the unified-imap branch as suggested by Ken Murchison. 
>>Everything seems to be working except mupdate. When I try to create a 
>>mailbox, I get the following error
>>localhost.localdomain> cm user.prentice
>>createmailbox: no authentication to server
>>I suspect it may be a SASL issue. I've tried the mupdate login names 
>>with and without the domain/realm appended to the username.
> If it is the same problem I just found, then it is a SASL problem.
>>Feb 17 16:53:29 pdb-mail-1 imap[13192]: authentication to remote mupdate 
>>server failed:  "undefined error!"^M
> I don't know which version of Cyrus you are running, but that error is
> remarkably similar to what mupdate-client.c procduces on 2.2.3. I see
> that you are using sasldb2, which makes me think it may be the same
> problem I had.
> What I found was that SASL is being too helpful in trying to use the
> strongest authentication method possible. If SASL was build with
> Kerberos support and you aren't using Kerberos that is the only method
> mupdate will try, which of course will fail. You can tell if this is the
> case by executing:
> mupdatetest -p 3905 -u mupdater
> and checking the "* AUTH" line for GSSAPI.
> I don't see a way of limiting the mupdate server's allowable auth mechs
> in the imapd.conf, but I found that renaming the
> /usr/lib/sasl2/libgssapiv2* plugins and restarting Cyrus on the mupdate
> server is a workable solution.
Home Page:
List Archives/Info:

More information about the Info-cyrus mailing list