R: Problem in authenticating via sasldb2

Mike O'Rourke mjoop at curia.op.org
Fri Mar 12 17:09:21 EST 2004 

> "Luca Manganelli" <manganelli at ksolutions.it> 03/12/04 06:11pm >>>
>> -----Messaggio originale-----
>> Da: Mike O'Rourke [mailto:mjoop at curia.op.org] 
>> Inviato: venerdì 12 marzo 2004 17.45
>> A: info-cyrus at lists.andrew.cmu.edu 
>> Oggetto: Re: Problem in authenticating via sasldb2
>> 1. saslauthd has *nothing* to do with your setup.
>
>ok
>
>> 2. use "sasldblistusers2" rather than "strings sasldb2"
>
>[root at ksmail-test cyrus-imapd]# /usr/sbin/sasldblistusers2
>cyrus at localhost: cmusaslsecretOTP
>cyrus at localhost: userPassword
>
>> 3. where are you when you execute "./cyradm ..."? It looks 
>> like you are
>> in your build directory. Try the one in /usr/local/bin (if 
>> you installed
>
>I'm on /usr/lib/cyrus-imapd. There is no /usr/local/bin

ah, ok

>
>> it in the default location) "cyradm --user cyrus --auth plain
>> localhost". I have to use "cyradm --user cyrus --auth DIGEST-MD5
>> localhost" since I have not explicitely set the sasl_mech_list.
>
>[root at ksmail-test cyrus-imapd]# ./cyradm --user cyrus --auth plain
localhost
>Password:
>IMAP Password:
>               at
/usr/lib/perl5/site_perl/5.6.1/i386-linux/Cyrus/IMAP/Admin.pm line 118
>cyradm: cannot authenticate to server with plain as cyrus
>[root at ksmail-test cyrus-imapd]# ./cyradm --user cyrus --auth
DIGEST-MD5 localhost
>cyradm: cannot authenticate to server with DIGEST-MD5 as cyrus

You may try either of the following, (although I am doubtful that this
is what your problem is):

a)  Delete your cyrus at localhost user from the sasldb file with

          saslpasswd2 -d -u localhost cyrus

      and re-create it without using the "-u" option:

          saslpasswd2 -c cyrus

or

b) Edit your /etc/imapd.conf and add the line:

         loginrealms: localhost ksmail-test kmailcert.it

    restart the cyrus "master" process.

since your present imapd.conf does not allow cross-realm logins. See
"man imapd.conf". The documentation is not clear on what the imap server
does with "localhost" -- i.e. whether it consideres it a separate realm
(the "native" realm being what is (generally) returned with "uname
-n").

Mike.

---
Home Page: http://asg.web.cmu.edu/cyrus
Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

More information about the Info-cyrus mailing list