cyradm auth mechanism

Thomas Vogt tv at solnet.ch
Mon Jul 4 17:16:33 EDT 2005


Hi everyone

I've a problem with my new clean, cyrus installation. I  can't login  
with my cyradm admin account. The account information is stored in my  
ldap database.  The sasldb2 is empty. I don't use it. Can you give me  
some advice?

For cyradm I use this command:
cyradm --user nmeth2vdiysttboz --server localhost --auth plain
Password:
IMAP Password: <i use the ldap password here>

Error message:
Invalid user at /usr/local/lib/perl5/site_perl/5.8.7/mach/Cyrus/IMAP/ 
Admin.pm line 118
cyradm: cannot authenticate to server with plain as nmeth2vdiysttboz

Logfile:
Jul  4 21:00:36 mail03 imap[58290]: badlogin: localhost [127.0.0.1]  
PLAIN [SASL(-16): encryption needed to use mechanism: security flags  
do not match required]
Jul  4 21:00:39 mail03 perl: No worthy mechs found
Jul  4 21:00:40 mail03 imap[58290]: ptload(): bad response from  
ptloader server: identifier not found
Jul  4 21:00:40 mail03 imap[58290]: bad userid authenticated
Jul  4 21:00:40 mail03 imap[58290]: badlogin: localhost [127.0.0.1]  
plaintext nmeth2vdiysttboz invalid user

testsaslauthd -u nmeth2vdiysttboz -p 1234
0: OK "Success."


imtest -m LOGIN -a nmeth2vdiysttboz localhost
S: * OK mail03.test.ch Cyrus IMAP4 v2.2.12 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS  
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND  
BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE  
LISTEXT LIST-SUBSCRIBED X-NETSCAPE
S: C01 OK Completed
Please enter your password: <type in here>
C: L01 LOGIN nmeth2vdiysttboz {16}
S: L01 NO Invalid user
Authentication failed. generic failure
Security strength factor: 0



ldap entry for admin:

# nmeth2vdiysttboz, people, test, test.ch
dn: uid=nmeth2vdiysttboz,ou=people,ou=test,dc=test,dc=ch
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: nmeth2vdiysttboz
cn: Cyrus Admin
userPassword:: 1234


saslauthd.conf
ldap_servers: ldap://127.0.0.1/
ldap_search_base: ou=people,ou=test,dc=test,dc=ch


imapd.conf:
configdirectory: /m/imap
partition-default: /m/spool/imap
allowplaintext: yes
admins: nmeth2vdiysttboz
quotawarn: 90
timeout: 30
imapidlepoll: 60
poptimeout: 10
logtimestamps: yes
singleinstancestore: yes
sieveusehomedir: false
sievedir: /m/imap/sieve
hashimapspool: true

sasl_pwcheck_method: saslauthd
sasl_mech_list: plain login

ptloader_sock: /var/imap/socket/ptsock
lmtpsocket: /var/imap/socket/lmtp
idlesocket: /var/imap/socket/idle
notifysocket: /var/imap/socket/notify

ldap_base: dc=test,dc=ch
ldap_deref: search
ldap_sasl: 0
ldap_group_scope: sub
ldap_bind_dn: dc=test,dc=ch
ldap_restart: 1
ldap_scope: sub
ldap_start_tls: 0
ldap_time_limit: 10
ldap_timeout: 15
ptscache_timeout: 1
ldap_tls_check_peer: no
ldap_tls_ciphers: TLSv1:SSLv3:!NULL:!EXPORT:!DES:!LOW:@STRENGTH
ldap_uri: ldap://127.0.0.1/

my cyrus.conf
START {
   recover       cmd="ctl_cyrusdb -r"
}
SERVICES {
   imap          cmd="imapd" listen="143" prefork=0
   pop3          cmd="pop3d" listen="110" prefork=0
   sieve         cmd="timsieved" listen="sieve" prefork=0
   lmtp          cmd="lmtpd" listen="lmtp" prefork=0
   ptloader      cmd="ptloader" listen="/var/imap/socket/ptsock"  
prefork=1
   notify        cmd="notifyd" listen="/var/imap/socket/notify"  
proto="udp" prefork=1
}
EVENTS {
   checkpoint    cmd="ctl_cyrusdb -c" period=30
   delprune      cmd="cyr_expire -E 3" at=0400
   tlsprune      cmd="tls_prune" at=0400
}

System:
FreeBSD 5.4
cyrus-imapd-2.2.12
cyrus-sasl-2.1.21

Saslauth runs with -a ldap
slapd runs with -h "ldapi:///var/run/openldap/ldapi/ ldap://127.0.0.1 "

Any idea?

Regards,
Thomas
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html




More information about the Info-cyrus mailing list