upgrade from Cyrus 2.1.15 to cyrus 2.2.3 breaks LDAP auxprop authentication.

Igor Brezac igor at ipass.net
Wed Feb 11 08:56:22 EST 2004


Check
http://www.openldap.org/its/index.cgi/Software%20Bugs?id=2926;selectid=2926

Cyrus-imap needs to be fixed, but it was easier to change openldap api.

-Igor

On Wed, 11 Feb 2004, Edward Rudd wrote:

> I'm using the ldapdb auxprop plugin that comes with OpenLDAP 2.1.22 with
> cyrus sasl 2.1.15, which works perfectly with the sasl2 sample server
> and client programs, postfix 1.1.12, postfix 2.0.16, and cyrus imapd
> 2.1.13 to cyrus imapd 2.1.15..   However when I upgraded to cyrus imapd
> 2.2.3 (all of these are using Simon Matter's wonderful RPMS), I always
> get user not found when trying to login as any user.. (fully qualified
> user like test at nowhere.org or the "cyrus" admin user).
>
> And my ldap logs show nothing going on.. literally.. I see a connection
> coming in from sasl, and then disconnecting.. no other activity is
> logged. And I have the loglevel for openldap set to 255.
>
> My auth.log shows "no worthy mechs found" and nothing in my imapd.log
>
> What changed in relation to SASL configuration from Cyrus IMAPD 2.1.x to
> 2.2.x??
>
> Here is my relavent imapd.conf
>
> sasl_pwcheck_method: auxprop
> sasl_auxprop_plugin: ldapdb
> sasl_mech_list:  plain digest-md5 cram-md5 ntlm
>
> sasl_ldapdb_uri: ldap:///
> sasl_ldapdb_id: auxprop_user
> sasl_ldapdb_pw: password_for_said_user
> sasl_ldapdb_mech: DIGEST-MD5
>
> Which is the same configuration as sample.conf (for the sample server
> and client) and smtpd.conf (for postfix). Except those files don't have
> the sasl_ prefix to the configuration directives..
>
>

-- 
Igor




More information about the Info-cyrus mailing list