cyrus using ldap user database

Igor Brezac igor at ipass.net
Tue Aug 2 19:27:25 EDT 2005 

On Tue, 2 Aug 2005, Cristian Salan wrote:

> On 8/2/05, Igor Brezac <igor at ipass.net> wrote:
>>
>> On Tue, 2 Aug 2005, Cristian Salan wrote:
>>
>>> Hi list,
>>>
>>> I'm trying to make a simple setup using CyrusImapd with OpenLdap user
>>> database.
>>>
>>> The following errors are listed in /var/log/messages:
>>> imap[36714]: auxpropfunc error invalid parameter supplied
>>> ptloader[36715]: starting: $Id: ptloader.c,v 1.39 2004/12/17 16:32:26 ken3
>>> Exp $ (ldap)
>>> ptloader[36715]: ldap_sasl_interactive_bind() failed 16 (No such attribute).
>>> imap[36714]: ptload(): bad response from ptloader server:
>>> ptsmodule_connect() failed
>>
>> These are ptloader errors.
>
> Can you please explain what is ptloader responsible for

ptloader is a driver for the pts module, an cyrus imapd authorization 
mechanism.

> or where can I
> found the documentation for it.

imapd.conf man pages and you should also read cyrus imapd documentation.

>>> imap[36714]: bad userid authenticated
>>> imap[36714]: badlogin: localhost [::1] plaintext some_existing_ldap_user
>>> invalid user
>>>
>>> and in auth.log:
>>> imap[36714]: auxpropfunc error invalid parameter supplied
>>> imap[36714]: bad userid authenticated
>>
>> Something is wrong with your ldapdb configuration and possibly openldap
>> config.  See cyrus-sasl-src/doc/options.html
>
> I've read what you sugested. Sorry but no clues (for me).
>
>>> My (maybe too simple) config follows
>>>
>>> imapd.conf
>>> configdirectory: /var/imap
>>> partition-default: /var/spool/imap
>>> allowplaintext: yes
>>> sasl_pwcheck_method: auxprop
>>> sasl_auxprop_plugin: ldapdb
>>> sasl_mech_list: plain login
>>
>>> ldap_uri: ldap://127.0.0.1/
>>> ldap_base: dc=foo,dc=org
>>> ldap_bind_dn: cn=Manager,dc=foo,dc=org
>>> ldap_password: password
>>
>> These are pts/ldap config params.  More than likely you do not need those.
>> See cyrus-imapd/doc for more on authentication vs authorization.
>
> If not here where should i tell it about the ldap server?

What do you want to use the ldap server for, authentication, authorization 
or both?  You probably just need authentication and therefore you need the 
ldapdb auxprop plugin (or saslauthd/ldap or other saslauthd mechanisms 
that indirectly use ldap such as pam).  I suggest you start with cyrus 
sasl docs.

-- 
Igor

---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

More information about the Info-cyrus mailing list