Does Proxy User Work?
John C. Amodeo
amodeo at admin.rutgers.edu
Wed Jun 1 15:45:48 EDT 2005
I've been researching a way to proxy as another user for 2 days without
luck. It seems that Cyrus/SASL has the ability to take a proxy command,
but I cannot find any feasible application of it. I need help.
Here's the situation:
I need to migrate 4 legacy Cyrus 2.0.17 servers to a new Cyrus 2.1.15
server. For multiple reasons, I would rather perform the migration via
imap using a sync utility like imapsync (or the equivalent) rather than
trying to merge the 4 servers through a manual upgrade / reconstruct.
I need to be able to "login" as a normal user, say Bob Smith, as the
Cyrus superuser using Cyrus's credentials. If not, it will be a
nightmare (and a bad practice) to collect my user's id's and passwords
to run the conversion... I would love to work in batch mode where I
would only need to supply userid (of the user) and then the cyrus super
account credentials (or equivalent...)
I'm reading all over the place about the difference between authcid and
authzid, proxyservers: cyrus, etc. etc. but can't find any true
application for how this might work in real life. I've tried every
manageable combination of command line arguments with imtest to no avail...
Both my 2.0.16 boxes and my 2.1.15 box authenticate against a central
LDAP directory using sasl_mech_list: PLAIN.
Does anyone have any ideas or suggestions? I really want to avoid
hacking the SASL code to take a "master" password for any user.
Thanks in advance.
John C. Amodeo :: Associate Director of Information Technology
Faculty of Arts and Sciences
Rutgers, The State University of New Jersey
Voice: 732.932.9455 Fax: 732.932.0013
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus