cmitrana at xnet.ro
Fri Jan 9 09:59:20 EST 2004
Ken Murchison wrote:
> Christiano Anderson wrote:
>> I am installing a Cyrus box with the following configuration:
>> Machine: Dual Xeon 2GHz, 1Gb RAM
>> System: Debian GNU/Linux 3.0, Cyrus 2.1 (Backported) and SASL2
>> Authentication: LDAP
>> I have created a cyrus user under LDAP directory and the PAM modules has
>> been set up to lib_ldap.so. When I try a "testsaslauthd -u cyrus -p
>> [hidden]" I get a Sucess status, however, a "cyradm -u cyrus localhost"
>> doesn't work.
> This is because cyradm will pick the most secure authentication
> mechanism that the server advertises (e.g. DIGEST-MD5), and all of the
> non-plaintext mechanisms require that you have the user's secret
> stored in an auxprop plugin backend (e.g. sasldb). If you only want
> to use plaintext passwords via saslauthd, set your imapd.conf options to:
> sasl_mech_list: PLAIN LOGIN
> sasl_pwcheck_method: saslauthd
> Alternatively, OpenLDAP 2.1.x includes an auxprop plugin, which would
> allow you use any SASL mech with your LDAP installation.
By the way, I tested the ldap auxprop plugin and it does not work for
Cyrus-imap 2.2.2 cvs.
The funny thing is that with the same setup (minus the "sasl_" in
imapd.conf) I can
authenticate with Postfix. Anyone had any success with that ? I know is
more like a cyrus-sasl
problem, but as I said Postfix works in the same scenario.
More information about the Info-cyrus