how to create/add user to cyrus-imapd with openldap22 and sasl2?

Simon Matter simon.matter at ch.sauter-bc.com
Fri Oct 8 08:07:16 EDT 2004


> HI,
>
> I m using cyrus-imapd22, openldap22 and sasl2 in FreeBSD 5.3.
>
> As I have already had a sldap.conf defined with openldap objects(eg.
> rootdn, and rootpw), but one thing I m not sure is how to create a
> rootpw? do I need to use command "saslpasswd2 -c cyrus" and "cyradm
> ...." to create new user in imapd, and this will goes into openldap db
> automatically?
> Another major problem is the saslpasswd2 produce error "error deleting
> entry from sasldb: DB_NOTFOUND: Not mathcing key/data pair found".
> Another command "cyradm -u cyrus --server localhost" has error "at perl:
> No worthy mechs found", and with then show me another error in the log:
> root at at [8:49am] [...etc/openldap]# cyradm -u cyrus --server localhost
> IMAP Password:
> Invalid user at
> /usr/local/lib/perl5/site_perl/5.8.5/mach/Cyrus/IMAP/Admin.pm line 118

Check the list archives for the error above.

> cyradm: cannot authenticate to server with as cyrus
>
> How can I trace back these probem now?
> I really need help from your expect knowledge.
>
> MY slapd.conf with ldap definition parts look like this:
>
> # ******************************* System Backend **********************
> database        ldbm
> cachesize       30000
> #directory      /var/lib/ldap
> directory       /var/db/openldap-data
> lastmod         on
> mode            0600
>
> suffix          "dc=authtec,dc=com"
> rootdn          "uid=cyrus,dc=mydot,dc=com"
> rootpw          {crypt}EicXuWbfgxNaI
>
> # ******************************* System Backend **********************
>
> #
> # cleartext passwords, especially for the rootdn,
> # should be avoid.  See slapd.conf(5) for details.
>
> # Don't put all your energy in a senseless searching
> #
> index           uid,fn,memberuid,gidnumber,alias,relayClientcert eq
> index           objectclass,uidnumber,mailenabled,relativeDomainName eq
> index
> zoneName,vaddress,reject,comFireGroupID,smtpDomain,MTALocaldomain eq
> index           cn,sn,givenname eq,sub
>
> # Access controll
> #
>
> # Private AddressBook
> access to dn="ou=addr,uid=(.*),dc=mydot,dc=com"
>   by dn="uid=$1,dc=mydot,dc=com" write  by * none
>
> # allow rootDSE queries
> access to dn=""
>   by * read
>
> ....
>
> Thank you for your help.
> Sam
>
>






More information about the Info-cyrus mailing list