problem with authentication
Sujit Choudhury
S.Choudhury at westminster.ac.uk
Thu Jul 28 11:26:11 EDT 2005
Following my earlier mail, I have forgot to mention the /etc/pamd/imap
consists of the following lines:
#%PAM-1.0
auth sufficient pam_ldap.so
auth required pam_unix.so
auth sufficient pam_ldap.so
account required pam_unix.so
And cyrus is running on SuSE Linux 9.0.
Many thanks
Sujit
Sujit Choudhury wrote:
> We are running cyrus imapd which authenticates it's users against an
> ldap server. We are getting the problem if a user types the password
> wrong, it continues to try to authenticate and after 6 retries, ldap
> server locks out the account as intrusion detection is in place.
>
> The /etc/imapd.conf contains the following:
> configdirectory: /var/imap
> partition-default: /var/imap/spool
> admins: john
> sasl_pwcheck_method: saslauthd
> sasl_mech_list: plain
> altnamespace: yes
> unixhierarchysep: yes
> tls_cert_file: /var/imap/cyrus.pem
> tls_key_file: /var/imap/cyrus.pem
> virtdomains: userid
> defaultdomain: foobar.co.uk
> sendmail: /usr/sbin/sendmail
> # popminpoll: 2
>
> Is there anything we should do to make sure that only one attempt is
> made and it does not attempt for indefinite period.
>
> ldap.conf is as follows:
>
> base o=foobar
> uri ldap://ldap.foobar.co.uk
> tls never
> sasl_secprops none
> ldap_version 3
> #SIZELIMIT 12
> #TIMELIMIT 15
> #DEREF never
>
> Would be grateful for some ideas.
>
> Many thanks
>
> Sujit Choudhury
>
>
>
>
> ---
> Cyrus Home Page: http://asg.web.cmu.edu/cyrus
> Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus
mailing list