login with an '@'

Guguin Benoit liste at alixen.fr
Thu Oct 7 09:30:31 EDT 2004


Hello,

Thank you, I use saslauthd with OpenLDAP. This is my saslauthd configuration:

ldap_servers: ldap://127.0.0.1/
ldap_version: 3
ldap_timeout: 10
ldap_time_limit: 10
ldap_cache_ttl: 30
ldap_cache_mem: 32768
ldap_scope: sub
ldap_search_base: dc=gosa,dc=alx,dc=fr
ldap_auth_method: bind
ldap_filter: (|(&(uid=%u)(objectClass=gosaMailAccount))(&(cn=%u)(cn=cyrus))(&(cn=%u)(objectClass=gosaSharedFolderTarget))(&(cn=%u)(cn=share)))
ldap_bind_dn: cn=userbind,ou=people,dc=gosa,dc=alx,dc=fr
ldap_bind_pw: test

So I have tried mail=%u@%d instead of uid=%u but it doesn't work. In my log I have:

(&(cn=bguguin)(cn=cyrus))(&(mail=bguguin at gosa.alx.fr)(objectClass=gosaSharedFolderTarget))(&(cn=bguguin)(cn=share)))" 
Oct  7 15:24:41 ldap slapd[4049]: conn=30 op=1 SRCH attr=dn 
Oct  7 15:24:41 ldap slapd[4049]: conn=30 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= 
Oct  7 15:24:41 ldap slapd[4049]: conn=30 op=2 BIND anonymous mech=implicit ssf=0 
Oct  7 15:24:41 ldap slapd[4049]: conn=30 op=2 BIND dn="uid=bguguin,ou=people,ou=informatique,dc=gosa,dc=alx,dc=fr" method=128 
Oct  7 15:24:41 ldap slapd[4049]: conn=30 op=2 BIND dn="uid=bguguin,ou=people,ou=informatique,dc=gosa,dc=alx,dc=fr" mech=SIMPLE ssf=0 
Oct  7 15:24:41 ldap slapd[4049]: conn=30 op=2 RESULT tag=97 err=0 text= 
Oct  7 15:24:41 ldap cyrus/imapd[4255]: badlogin: localhost.gosa.alx.fr[127.0.0.1] plaintext bguguin at gosa.alx.fr SASL(-13): authentication failure: cross-realm login bguguin at gosa.alx.fr denied

So saslauthd sends a valid request to LDAP and finds 1 entry, but cyrus says badlogin ...

thank you in advance.

On Thu, 7 Oct 2004 12:21:43 +0200
"Jesper K. Pedersen" <jkp at solnet.homeip.net> wrote:

> On Thu, 7 Oct 2004 10:11:27 +0200
> Guguin Benoit <liste at alixen.fr> wrote:
> 
> > Hello,
> > 
> > I'm currently using cyrus-imap. Very good mail server :)
> > 
> > I'd like to manage a multi-domain mail server but, I saw that we can't
> > use a login with the character '@'. So I'm asking you why we can't ?
> > 
> > thank you in advance.
> > 
> > ps : sorry for my poor english
> > 
> 
> We have been running a mail server using sendmail as MTA and Cyrus Imap
> as the storage. Our authorization system is based on Cyrus SASL using
> the sasldb2 file format.
> We are hosting 5 different domains and people log in with their
> username, which is their email address, and a password.
> 
> Perhaps if you let us know how your setup is it would be easier to
> assist you.
> 
> 
> Good luck with the project.
> 
> 
> Best regards,
> Jesper K. Pedersen
> 


-- 
Guguin Benoit
Société Alixen 2 rue Jean Rostand 91 893 Orsay Cedex France
Tel : 01 69 85 24 13, Fax : 01 69 85 24 10

---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
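
Added example, not part of the original message or of saslauthd's code: a simplified model of how an ldap_filter template expands for a given login, with RFC 4515 escaping applied to the substituted values so a login string cannot change the filter's structure. The token meanings (%u, %U, %d, %r, %%) and the shortened TEMPLATE are assumptions modelled on the filter and log lines in the post.

```python
import re

# RFC 4515 section 3: characters that must be escaped in a filter value.
_ESCAPES = {"\\": "\\5c", "*": "\\2a", "(": "\\28", ")": "\\29", "\x00": "\\00"}


def escape_filter_value(value):
    """Escape a value so it cannot alter the structure of the filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def expand_filter(template, user, realm=""):
    """Expand %u, %U, %d, %r and %% in an ldap_filter template.

    Simplified model (assumption): %u is the user as received, %U the part
    before '@', %d the part after '@' or else the realm, %r the realm.
    """
    local, at, domain = user.partition("@")
    tokens = {
        "u": user,
        "U": local,
        "d": domain if at else realm,
        "r": realm,
    }

    def substitute(match):
        key = match.group(1)
        if key == "%":
            return "%"
        if key not in tokens:
            raise ValueError("unsupported token %" + key)
        return escape_filter_value(tokens[key])

    return re.sub(r"%(.)", substitute, template)


# Constructed, shortened variant of the poster's filter using mail=%u@%d.
TEMPLATE = (
    "(|(&(mail=%u@%d)(objectClass=gosaMailAccount))"
    "(&(cn=%u)(cn=cyrus)))"
)

if __name__ == "__main__":
    # User and realm as they appear to have reached saslauthd in the post.
    print(expand_filter(TEMPLATE, "bguguin", "gosa.alx.fr"))
    # Constructed login containing filter metacharacters: they are escaped.
    print(expand_filter(TEMPLATE, "*)(uid=*", "gosa.alx.fr"))
```
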



