Virtual domain problem - POP/IMAP, SASL & LDAP

Julian W H Osborne josborne at imsmaxims.com
Tue Mar 15 11:56:20 EST 2005 

Dear All,

I'm having some problems getting Cyrus imap to work correctly with sasl 
and ldap.  Using the testsaslauthd command all is okay, username and domain
is passed through.  However, when using the imap or pop client only the 
user part of the login name is passed through, e.g. if username is
test at imsmaxims.com only test is being passed through.  I've pasted 
everything I think is useful.

System details are:

Linux localhost.localdomain 2.6.10-1.770_FC2 #1 Sat Feb 26 21:40:22 EST 
2005 i686 i686 i386 GNU/Linux
Fedora Core release 2 (Tettnang)
cyrus-imapd-2.2.10-3.fc2
cyrus-sasl-2.1.18-2.2


Thanks

Julian


testsaslauthd
=============

testsaslauthd -u test at imsmaxims.com -p password
0: OK "Success."

Mar 15 16:37:17 localhost slapd[3234]: conn=18 op=3 BIND anonymous 
mech=implicit ssf=0
Mar 15 16:37:17 localhost slapd[3234]: conn=18 op=3 BIND 
dn="cn=manager,o=virtual_domain" method=128
Mar 15 16:37:17 localhost slapd[3234]: conn=18 op=3 BIND 
dn="cn=Manager,o=virtual_domain" mech=SIMPLE ssf=0
Mar 15 16:37:17 localhost slapd[3234]: conn=18 op=3 RESULT tag=97 err=0 
text=
Mar 15 16:37:17 localhost slapd[3234]: conn=18 op=4 SRCH 
base="o=virtual_domain" scope=2 filter="(uid=test at imsmaxims.com)"
Mar 15 16:37:17 localhost slapd[3234]: conn=18 op=4 SRCH attr=dn
Mar 15 16:37:17 localhost slapd[3234]: conn=18 op=4 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Mar 15 16:37:17 localhost slapd[3234]: conn=18 op=5 BIND anonymous 
mech=implicit ssf=0
Mar 15 16:37:17 localhost slapd[3234]: conn=18 op=5 BIND 
dn="uid=test at imsmaxims.com,ou=it-dept,ou=uk,ou=imsmaxims.com,o=virtual_domain" 
method=128
Mar 15 16:37:17 localhost slapd[3234]: conn=18 op=5 BIND 
dn="uid=test at imsmaxims.com,ou=it-dept,ou=uk,ou=imsmaxims.com,o=virtual_domain" 
mech=SIMPLE ssf=0
Mar 15 16:37:17 localhost slapd[3234]: conn=18 op=5 RESULT tag=97 err=0 
text=


IMAP Connection
===============
telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK IMAP
. login test at imsmaxims.com password
. NO Login failed: authentication failure
. logout
* BYE LOGOUT received
. OK Completed
Connection closed by foreign host.

Mar 15 16:38:45 localhost slapd[3234]: conn=19 op=3 BIND anonymous 
mech=implicit ssf=0
Mar 15 16:38:45 localhost slapd[3234]: conn=19 op=3 BIND 
dn="cn=manager,o=virtual_domain" method=128
Mar 15 16:38:45 localhost slapd[3234]: conn=19 op=3 BIND 
dn="cn=Manager,o=virtual_domain" mech=SIMPLE ssf=0
Mar 15 16:38:45 localhost slapd[3234]: conn=19 op=3 RESULT tag=97 err=0 
text=
Mar 15 16:38:45 localhost slapd[3234]: conn=19 op=4 SRCH 
base="o=virtual_domain" scope=2 filter="(uid=test)"
Mar 15 16:38:45 localhost slapd[3234]: conn=19 op=4 SRCH attr=dn
Mar 15 16:38:45 localhost slapd[3234]: conn=19 op=4 SEARCH RESULT 
tag=101 err=0 nentries=0 text=

imapd.conf (/etc/)
==================

# SASL Features
sasl_maximum_layer:             256
sasl_minimum_layer:             0
sasl_pwcheck_method:            saslauthd
sasl_mech_list:                 PLAIN

# Virtual Domain Support
# Default domain
defaultdomain:                  imsmaxims.com

# Toggle virtual domains or or off
# tried both userid and yes and on
virtdomains:                    userid

saslauthd.conf (/etc/)
======================
ldap_servers:   ldap://127.0.0.1/
ldap_bind_dn:   cn=manager, o=virtual_domain
ldap_bind_pw:   secret
ldap_search_base: o=virtual_domain
ldap_version:   3
ldap_filter:    (uid=%u) --------> have tried %U@%d also
ldap_scope:     sub

Cyrus.conf (/usr/lib/sasl2/)
============================
pwcheck_method:saslauthd


-- 

====================================================================
Julian W H Osborne
IMS MAXIMS Plc
Sandymount, Station Road, Woburn Sands, MK17 8RR, UK
Tel: +44 (0)1908 588800 Fax: +44 (0)1908 588819

Clara House, Glenageary Park, Glenageary, Dublin, Ireland
Tel: +353 (0)1 2840555 Fax: +353 (0)1 2840829

http://www.imsmaxims.com/
====================================================================
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

More information about the Info-cyrus mailing list