cyrus-2.2.3 + cyrus-sasl + ldap problem
Andrew B. Panphiloff
borisych at borisych.mastak.ru
Thu May 20 22:46:28 EDT 2004
I am seeing strange behaviour from cyrus-imapd and cyrus-sasl.
imapd config:
--------------------------------------------------------------------------
tls_ca_file: /etc/ssl/cyrus.pem
tls_cert_file: /etc/ssl/cyrus.pem
tls_key_file: /etc/ssl/cyrus.pem
virtdomains: yes
defaultdomain: localhost
configdirectory: /var/imap
partition-default: /var/spool/imap
sievedir: /var/imap/sieve
altnamespace: no
unixhierarchysep: no
lmtp_downcase_rcpt: yes
admins: cyrus
allowanonymouslogin: no
popminpoll: 0
autocreatequota: 100000
createonpost: yes
autocreateinboxfolders: Sent | Drafts | Templates | Trash
autosubscribeinboxfolders: Sent | Drafts
umask: 077
sieveusehomedir: false
hashimapspool: true
allowplaintext: yes
sasl_mech_list: plain login
sasl_minimum_layer: 0
sasl_pwcheck_method: saslauthd
sasl_auto_transition: no
tls_ca_path: /etc/ssl/certs
tls_session_timeout: 1440
tls_cipher_list: TLSv1:SSLv3:SSLv2:!NULL:!EXPORT:!DES:!LOW:@STRENGTH
lmtpsocket: /var/run/cyrus/socket/lmtp
idlesocket: /var/run/cyrus/socket/idle
notifysocket: /var/run/cyrus/socket/notify
---------------------------------------------------------------------------
saslauthd.conf config:
---------------------------------------------------------------------------
ldap_servers: ldap://127.0.0.1
ldap_bind_dn: cn=admin,o=8ka.mipt.ru
ldap_bind_pw: xxx
ldap_version: 3
ldap_search_base: ou=Mail,o=8ka.mipt.ru
ldap_filter: mail=%u
---------------------------------------------------------------------------
When I test authentication with testsaslauthd, everything works OK:
./testsaslauthd -u jeka@8ka.mipt.ru -p xxx
0: OK "Success."
ldap log:
==> ldbm_back_bind: dn: cn=admin,o=8ka.mipt.ru
ldbm_cache_open (blksize 8192) (maxids 1022) (maxindirect 9)
ldbm_cache_open (blksize 8192) (maxids 1022) (maxindirect 9)
send_ldap_result: err=0 matched="" text=""
connection_get(10)
SRCH "ou=Mail,o=8ka.mipt.ru" 2 0 1 5 0
filter: (mail=jeka@8ka.mipt.ru)
attrs: dn
saslauthd log:
saslauthd[6918] :do_auth : auth success: [user=jeka@8ka.mipt.ru]
[service=imap] [realm=] [mech=ldap]
saslauthd[6918] :do_request : response: OK
But when I test authentication with cyrus-imapd, I get:
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK sunduck Cyrus IMAP4 v2.2.3-Gentoo server ready
1 login jeka@8ka.mipt.ru xxx
1 NO Login failed: authentication failure
ldap log:
==> ldbm_back_bind: dn: cn=admin,o=8ka.mipt.ru
ldbm_cache_open (blksize 8192) (maxids 1022) (maxindirect 9)
ldbm_cache_open (blksize 8192) (maxids 1022) (maxindirect 9)
send_ldap_result: err=0 matched="" text=""
connection_get(9)
SRCH "ou=Mail,o=8ka.mipt.ru" 2 0 1 5 0
filter: (mail=jeka)
attrs: dn
saslauthd log:
saslauthd[7158] :do_auth : auth failure: [user=jeka]
[service=imap] [realm=8ka.mipt.ru] [mech=ldap] [reason=Unknown]
saslauthd[7158] :do_request : response: NO
Why does saslauthd get "user=jeka@8ka.mipt.ru" and "realm=" in the first case,
but "user=jeka" and "realm=8ka.mipt.ru" in the second case?
How can I fix this behaviour?
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
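Added example (not part of the original post and not saslauthd's own code): a small model of ldap_filter expansion, run on the two requests shown in the saslauthd logs above, to show why the same template produces (mail=jeka@8ka.mipt.ru) for testsaslauthd and (mail=jeka) for the imapd login. The token meanings for %u, %U, %d and %r are an assumption taken from the saslauthd LDAP documentation and should be checked against the installed version; the function names are hypothetical.

```python
# Added illustration, not code from saslauthd or from the original post.
# Token meanings are an assumption taken from the saslauthd LDAP documentation:
#   %u = user as received, %U = part of %u before '@',
#   %d = part of %u after '@' (else the realm), %r = realm, %% = literal '%'.

def escape_filter_value(value):
    """Escape RFC 4515 special characters so input cannot reshape the filter."""
    return ''.join('\\%02x' % ord(c) if c in '\\*()\x00' else c for c in value)

def expand_filter(template, user, realm=''):
    """Expand an ldap_filter template for one authentication request."""
    local, sep, domain = user.partition('@')
    tokens = {'u': user, 'U': local, 'd': domain if sep else realm, 'r': realm}
    out, i = [], 0
    while i < len(template):
        ch = template[i]
        nxt = template[i + 1] if i + 1 < len(template) else ''
        if ch == '%' and nxt == '%':
            out.append('%')
            i += 2
        elif ch == '%' and nxt in tokens:
            out.append(escape_filter_value(tokens[nxt]))
            i += 2
        elif ch == '%':
            raise ValueError('unsupported token %r at offset %d' % (ch + nxt, i))
        else:
            out.append(ch)
            i += 1
    return '(' + ''.join(out) + ')'

# The two requests as they appear in the saslauthd logs above.
REQUESTS = {
    'testsaslauthd': {'user': 'jeka@8ka.mipt.ru', 'realm': ''},
    'imapd login':   {'user': 'jeka', 'realm': '8ka.mipt.ru'},
}

def compare(template):
    """Return the filter each request produces for a given template."""
    return {name: expand_filter(template, **req) for name, req in REQUESTS.items()}

if __name__ == '__main__':
    for template in ('mail=%u', 'mail=%U@%d'):
        for name, flt in compare(template).items():
            print('%-12s %-14s -> %s' % (template, name, flt))
```

Under the assumed token semantics, a template built from %U and %d expands to the same filter whether the domain arrives inside the user name or in the realm field.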