Authentication error

Ken Murchison ken at
Fri Jan 9 09:41:50 EST 2004

Christiano Anderson wrote:
> I am installing a Cyrus box with the following configuration:
> Machine: Dual Xeon 2GHz, 1Gb RAM
> System: Debian GNU/Linux 3.0, Cyrus 2.1 (Backported) and SASL2 (Backported)
> Authentication: LDAP
> I have created a cyrus user under LDAP directory and the PAM modules has
> been set up to When I try a "testsaslauthd -u cyrus -p
> [hidden]" I get a Sucess status, however, a "cyradm -u cyrus localhost"
> doesn't work.

This is because cyradm will pick the most secure authentication 
mechanism that the server advertises (e.g. DIGEST-MD5), and all of the 
non-plaintext mechanisms require that you have the user's secret stored 
in an auxprop plugin backend (e.g. sasldb).  If you only want to use 
plaintext passwords via saslauthd, set your imapd.conf options to:

sasl_mech_list: PLAIN LOGIN
sasl_pwcheck_method: saslauthd

Alternatively, OpenLDAP 2.1.x includes an auxprop plugin, which would 
allow you use any SASL mech with your LDAP installation.

Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--

More information about the Info-cyrus mailing list