Making saslauthd fall back on SASLdb?
sbalmos at members.simunex.com
Tue Mar 29 17:26:03 EST 2005
Andreas Hasenack wrote:
>On Tue, Mar 29, 2005 at 03:31:13PM -0500, Scott Balmos wrote:
>>I had this problem solved months ago, but that was on a different
>>system. I'm running imapd using saslauthd as the authentication
>>mechanism. saslauthd, in turn, is running through PAM, which runs to my
>>LDAP server, to do all authentication.
>>I was wondering if there was a way to get saslauthd, or imapd (whichever
>>is the case), to fall back onto checking the local sasldb2 database
>>(auxprop?). There are a few "system" accounts, like cyrus and some
>>system-accessible-only manager accounts, that I want to keep out of LDAP.
>Try this in /etc/imapd.conf:
>sasl_pwcheck_method: saslauthd auxprop
Ayup... that did it. Thanks!
I would suggest, to the writers of the example config files, that
sasl_pwcheck_method's wording be changed to note that you can allow both
of these options. As it is, and this is where I got hung up, the
comments sound like it can only be auxprop OR saslauthd, not both.
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus