VirtDomains, DefaultDomain, and SASL

Igor Brezac igor at ipass.net
Wed Jun 2 12:36:06 EDT 2004 

On Wed, 2 Jun 2004, SAiello at Jentoo.com wrote:

> Is there a better list I should send this question ? I am guessing from lack
> of response I am sending to the wrong list. Sorry and thank you for any
> pointers to the proper place to get help.

Show some patience... :-)

> ----------  Forwarded Message  ----------
>
> Subject: VirtDomains, DefaultDomain, and SASL
> Date: Tuesday 01 June 2004 02:54 pm
> From: "SAiello at Jentoo.com" <SAiello at Jentoo.com>
> To: info-cyrus at lists.andrew.cmu.edu
>
> Hello All,
>
> I have:
> cyrus-imapd-2.2.3
> cyrus-sasl-2.1.14

I recommend you upgrade to 2.1.18.  Lots of fixes.

> openldap-2.1.26
>
> sasl is set to use ldap. My sasl ldap conf file follows:
> ldap_servers:   ldap://localhost
> ldap_bind_dn:   cn=cyrus,ou=users,dc=internal,dc=root
> ldap_bind_pw:   neener
> ldap_version:   3
> ldap_timeout:   10
> ldap_time_limit:        10
> ldap_scope:     sub
> ldap_search_base:       dc=root
> ldap_auth_method:       bind
> ldap_filter:    (&(dc:dn:=%d)(mail=%U))
> ldap_password_attr:     userPassword
>
> My imapd.conf follows:
> admins:                 cyrus
> hashimapspool:          yes
> allowanonymouslogin:    no
> allowplaintext:         yes
> lmtp_allowplaintext:    yes
> lmtp_downcase_rcpt:     yes
> virtdomains:            yes
> defaultdomain:          internal
> altnamespace:           yes
> sasl_pwcheck_method:    saslauthd
> sasl_mech_list:         PLAIN LOGIN
>
> when using imtest like "imtest -a user at domain.com 127.0.0.1", I can
> authenticate fine. Also "imtest -a cyrus at internal 127.0.0.1", works too.  But
> "imtest -a cyrus 127.0.0.1", doesn't work. Shouldn't the defaultdomain value
> be appended when authenticating via sasl ?

No, it may append reverse lookup of 127.0.0.1 if it is a fqdn.  See 'man
imapd.conf' for more on virtdomains.

> And would login via "cyrus" be a
> global admin, and not just an admin for the "internal" domain ?

Yes.

-- 
Igor
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

More information about the Info-cyrus mailing list