ptloader setup

Igor Brezac igor at ipass.net
Thu Jan 6 21:14:13 EST 2005 

On Thu, 6 Jan 2005, Mike O'Rourke wrote:

> Igor Brezac 01/06/05 02:05am
>
>> On Wed, 5 Jan 2005, Mike O'Rourke wrote:
>>
>>> Igor Brezac 01/05/05 09:19pm
>>>>
>>>> On Wed, 5 Jan 2005, Mike O'Rourke wrote:
>>>>
>>>>> Igor Brezac 12/31/04 12:21am
>>>>>
>>>>>> On Thu, 30 Dec 2004, Mike O'Rourke wrote:
>>>>>>
> ...<snip>
>>>
>>> Jan  5 14:48:46 server12 master[21600]: about to exec /usr/cyrus/bin/imapd
>>> Jan  5 14:48:46 server12 imap[21600]: executed
>>> Jan  5 14:48:46 server12 imap[21600]: accepted connection
>>> Jan  5 14:48:46 server12 imap[21600]: ptload(): pinging ptloader
>>> Jan  5 14:48:46 server12 ptloader[6849]: accepted connection
>>> Jan  5 14:48:46 server12 ptloader[6849]: mystore: starting txn 2147483754
>>> Jan  5 14:48:46 server12 ptloader[6849]: mystore: committing txn 2147483754
>>> Jan  5 14:48:46 server12 imap[21600]: badlogin: server11.mydom.com [192.168.7.11] plaintext test3 at testdom.mydom.com SASL(-13): user not
>> found: checkpass failed
>>> Jan  5 14:49:49 server12 master[6846]: process 21600 exited, status 0
>>
>> You are getting bad password error.  This is not related to ptloader.
>>
>> -Igor
>
> OK, so what am I missing between the ptloader (which obviously retrieves 
> the correct information from the LDAP server as shown by a ptdump) and 
> imapd (which refuses to believe that the username/password combination 
> as supplied is correct)? Once again, I post my imapd.conf as I can't 
> help but think that I have ommitted some critical entry. I changed 
> everything to use saslauthd with the same LDAP server and everything 
> worked fine (even the autocreate inbox function), but auth=pts 
> absolutely refuses to give me any joy.
>
> configdirectory: /var/imap
> defaultpartition: default
> partition-default: /var/spool/imap
> unixhierarchysep: yes
> allowanonymouslogin: no
> allowplaintext: yes
> allowusermoves: yes
> servername: server12.mydom.com
> virtdomains: userid
> defaultdomain: mydom.com
> autocreatequota: -1
> createonpost: 1
> autocreateinboxfolders: Sent|Trash
> autosubscribeinboxfolders: Sent|Trash
> admins: cyrus
> lmtpsocket: /var/imap/socket/lmtp
> sendmail: /usr/sbin/sendmail
> tls_cert_file: /var/imap/server12_cert.pem
> tls_key_file: /var/imap/server12_key.pem
> tls_CA_file: /var/imap/cacerts/cacert.pem
> tls_CA_path: /var/imap/cacerts
> tls_require_cert: 0
> ldap_sasl: 0
> ldap_base: ou=email,o=internet,dc=mydom.com
> ldap_bind_dn: cn=server12.mydom.com,ou=hosts,o=internet,dc=mydom.com
> ldap_filter: (&(uid=%u)(MailUserDefHost=server12.mydom.com))
> ldap_password: mypass
> ldap_tls_cacert_file: /var/imap/cacerts/cacert.pem
> ldap_tls_cert: /var/imap/server12_cert.pem
> ldap_tls_key: /var/imap/server12_key.pem
> ldap_uri: ldaps://192.168.7.11 ldaps://ldap1.mydom.com ldaps://ldap2.mydom.com
> ptloader_sock: /var/imap/socket/ptsock
>

I do not see saslauthd related config, by default cyrus will use auxprop. 
auth=pts is an authorization mechanism (not authentication) (see 
cyrus-imap/doc for more). Add the following to you imapd.conf and things 
will probably work:

sasl_pwcheck_method: saslauthd
sasl_mech_list: login plain

-- 
Igor
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

More information about the Info-cyrus mailing list