Authentication error

[Cristian Mitrana]

Ken Murchison wrote:

> Christiano Anderson wrote:
>
>> I am installing a Cyrus box with the following configuration:
>>
>> Machine: Dual Xeon 2GHz, 1Gb RAM
>> System: Debian GNU/Linux 3.0, Cyrus 2.1 (Backported) and SASL2 
>> (Backported)
>> Authentication: LDAP
>>
>> I have created a cyrus user under LDAP directory and the PAM modules has
>> been set up to lib_ldap.so. When I try a "testsaslauthd -u cyrus -p
>> [hidden]" I get a Sucess status, however, a "cyradm -u cyrus localhost"
>> doesn't work.
>
>
> This is because cyradm will pick the most secure authentication 
> mechanism that the server advertises (e.g. DIGEST-MD5), and all of the 
> non-plaintext mechanisms require that you have the user's secret 
> stored in an auxprop plugin backend (e.g. sasldb).  If you only want 
> to use plaintext passwords via saslauthd, set your imapd.conf options to:
>
> sasl_mech_list: PLAIN LOGIN
> sasl_pwcheck_method: saslauthd
>
>
> Alternatively, OpenLDAP 2.1.x includes an auxprop plugin, which would 
> allow you use any SASL mech with your LDAP installation.
>
By the way, I tested the ldap auxprop plugin and it does not work for 
Cyrus-imap 2.2.2 cvs.
The funny thing is that with the same setup (minus the "sasl_" in 
imapd.conf) I can
authenticate with Postfix. Anyone had any success with that ? I know is 
more like a cyrus-sasl
problem, but as I said Postfix works in the same scenario.

mitu