problem ntlm won't work with mysql
Ken Murchison
ken at oceana.com
Mon Jul 11 08:19:38 EDT 2005
Thomas Börnert wrote:
> hi list,
>
> ntlm with evolution or outlook isn't working:
>
> imap[17765]: badlogin: localhost.localdomain [127.0.0.1] NTLM [SASL
> (-13): authentication failure: incorrect NTLM response]
>
> i've found: if i use sasldb2 then it works.
>
> if i use the mysql setup below that it won't work :-(.
Do CRAM-MD5 or DIGEST-MD5 work with mysql?
> have anyone an idea ?
My guess is that you are encrypting the passwords in your mysql
database, which will cause non-plaintext mechanisms like NTLM and
DIGEST-MD5 to fail.
>
> my imapd.conf
> <---------------------- snip ----------------------->
> configdirectory: /var/lib/imap
> #duplicatesuppression: 0
> partition-default: /var/spool/imap
> admins: cyrus
> allowanonymouslogin: no
> autocreatequota: 1000000
> quotawarn: 90
> timeout: 30
> poptimeout: 10
> #popminpoll: 1
> servername: pop.domain.net
> sievedir: /var/lib/imap/sieve
> sieve_maxscriptsize: 32
> sieve_maxscripts: 5
> sendmail: /usr/sbin/sendmail
> hashimapspool: true
> allowplaintext: yes
> sasl_pwcheck_method: saslauthd
> sasl_mech_list: LOGIN PLAIN NTLM DIGEST-MD5 CRAM-MD5
> tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem
> tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem
> tls_ca_file: /usr/share/ssl/certs/cyrus-imapd.pem
> sasl_sql_engine: mysql
> sasl_sql_hostnames: localhost
> sasl_sql_user: mail
> sasl_sql_passwd: secret
> sasl_sql_database: mail
> sasl_sql_select: select password from accountuser where username = '%u'
> <---------------------- snip ----------------------->
>
> my cyrus.conf
> <---------------------- snip ----------------------->
> # standard standalone server implementation
>
> START {
> # do not delete this entry!
> recover cmd="ctl_cyrusdb -r"
>
> # this is only necessary if using idled for IMAP IDLE
> idled cmd="idled"
> }
>
> # UNIX sockets start with a slash and are put into /var/lib/imap/sockets
> SERVICES {
> # add or remove based on preferences
> imap cmd="imapd" listen="[localhost]:imap" prefork=5
> imaps cmd="imapd -s" listen="[localhost]:imaps" prefork=1
> pop3 cmd="pop3d" listen="[pop]:pop3" prefork=3
> pop3s cmd="pop3d -s" listen="[pop]:pop3s" prefork=1
> sieve cmd="timsieved" listen="[localhost]:sieve" prefork=0
>
> # at least one LMTP is required for delivery
> # lmtp cmd="lmtpd" listen="[localhost]:lmtp" prefork=0
> lmtpunix cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1
>
> # this is only necessary if using notifications
> # notify cmd="notifyd" listen="/var/lib/imap/socket/notify"
> proto="udp" prefork=1
> }
>
> EVENTS {
> # this is required
> checkpoint cmd="ctl_cyrusdb -c" period=30
>
> # this is only necessary if using duplicate delivery suppression
> delprune cmd="ctl_deliver -E 3" at=0400
>
> # this is only necessary if caching TLS sessions
> tlsprune cmd="tls_prune" at=0400
>
> # create SQUAT indexes for all mailboxes
> squatter cmd="/usr/lib/cyrus-imapd/squatter -r user.%" at=401
>
> }
> <---------------------- snip ----------------------->
>
> ---
> Cyrus Home Page: http://asg.web.cmu.edu/cyrus
> Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus
mailing list