auth failure with cyrus, saslauthd, pam and ldap
Simon Matter
simon.matter at ch.sauter-bc.com
Sat May 21 14:22:52 EDT 2005
> Hi list,
>
> I ran into serious trouble getting the following setup to work:
> Centos 4 OS (Redhat Enterprise 4 compatible)
> OpenXchange 0.8.0-2 (web frontend for mail + groupware)
> Openldap
> Cyrus-Imap
> Samba
>
> First of all I'd like to say that installing OpenXchange with cyrus and
> openldap went fine - and did work without problems !
> Today I wanted to add samba to my setup and now I get auth_failures with
> cyrus-imap rendering the imap server useless :-(
> I don't think it's a problem with OX but rather with cyrus+ldap or PAM in
> general !
>
> Some config files involved:
>
> --------------- /etc/sysconfig/imapd.conf------------
This is a typo here, right? It should be /etc/sysconfig/saslauthd
> SOCKETDIR=/var/run/saslauthd
> MECH=pam
> FLAGS
> -------------------
>
> In fact some stuff like "getent passwd" works - so basically access to
> ldap is okay ! (At least for nsswitch)
> Also the Web interface of OpenXchange does work with the same ldap user
> accounts !
>
> However all around cyrus (imap, sieve, ...) or PAM seems to be broken !
> Why ?
>
> When I try to log on with my user account into e.g. imap or
> sieve /var/log/messages reports:
> May 21 18:39:09 saturn saslauthd[3046]: do_auth     : auth failure: [user=mhoffmann] [service=imap] [realm=] [mech=pam] [reason=PAM auth error]
> May 21 18:39:35 saturn imap(pam_unix)[3047]: check pass; user unknown
> May 21 18:39:35 saturn imap(pam_unix)[3047]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost
> May 21 18:39:37 saturn saslauthd[3047]: do_auth     : auth failure: [user=mhoffmann] [service=imap] [realm=] [mech=pam] [reason=PAM auth error]
>
> So imap and sieve are not usable anymore :-(
>
> I'm afraid the system itself does not really accept the users:
> #getent passwd | grep mhoffmann
> mhoffmann:x:502:500:Martin Hoffmann:/home/mhoffmann/:/bin/bash
>
> Seems okay to me !
>
> However login / su / chmod with this user fails:
> # chown mhoffmann testfile
> chown: ‘mhoffmann’: ungültiger Benutzer
> (= unknown user)
>
> # su mhoffmann
> su: Benutzer mhoffmann existiert nicht
> (= user mhoffmann does not exist)
>
> Any clues ?
>
> I hope it's not one of those silly questions but I've been searching the
> net up and down for hours now - sadly without luck ...
> Is there a way to further debug this ? I mean what's exactly happening for
> cyrus / saslauthd ?

Well, maybe you should start with testsaslauthd here. Like

    testsaslauthd -u mhoffmann -p mypasswd -s imap

Also, starting saslauthd in debug mode should be helpful.

Simon

>
> Any help welcome :-)
>
> Martin
> --
> Ferengi Rule of Acquisition Number 58:
> There is no substitute for success.
>
> ---
> Cyrus Home Page: http://asg.web.cmu.edu/cyrus
> Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>
>
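
An added example, not part of the original thread or of Cyrus SASL: a small Python script that pairs each saslauthd do_auth failure, in the syslog format quoted above, with the pam_unix messages logged under the same PID, to separate "user unknown" lookups from rejected passwords. The sample log is constructed; the alice entry, the trailing "rhost=" fields and the PID-pairing heuristic are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample modelled on the log lines quoted in the post (unwrapped).
SAMPLE_LOG = """\
May 21 18:39:09 saturn saslauthd[3046]: do_auth     : auth failure: [user=mhoffmann] [service=imap] [realm=] [mech=pam] [reason=PAM auth error]
May 21 18:39:35 saturn imap(pam_unix)[3047]: check pass; user unknown
May 21 18:39:35 saturn imap(pam_unix)[3047]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
May 21 18:39:37 saturn saslauthd[3047]: do_auth     : auth failure: [user=mhoffmann] [service=imap] [realm=] [mech=pam] [reason=PAM auth error]
May 21 18:40:02 saturn imap(pam_unix)[3048]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=  user=alice
May 21 18:40:04 saturn saslauthd[3048]: do_auth     : auth failure: [user=alice] [service=imap] [realm=] [mech=pam] [reason=PAM auth error]
"""

LINE = re.compile(r"^(\w{3} +\d+ [\d:]+) (\S+) ([^\[\s]+)\[(\d+)\]: (.*)$")
FIELD = re.compile(r"\[(\w+)=([^\]]*)\]")   # [user=...] [service=...] pairs

def summarize(log_text):
    """Return one dict per saslauthd failure, with a cause taken from PAM."""
    pam_msgs = defaultdict(list)   # pid -> PAM messages not yet attributed
    results = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ts, _host, tag, pid, msg = m.groups()
        if "(pam_" in tag:
            pam_msgs[pid].append(msg)      # PAM runs inside the saslauthd worker
        elif tag == "saslauthd" and "auth failure" in msg:
            fields = dict(FIELD.findall(msg))
            pam = pam_msgs.pop(pid, [])    # consume, so a reused PID starts clean
            if any("user unknown" in p for p in pam):
                cause = "user unknown to PAM"      # account lookup failed
            elif any("authentication failure" in p for p in pam):
                cause = "credentials rejected"     # account found, password not accepted
            else:
                cause = "no PAM detail logged"
            results.append({"time": ts, "user": fields.get("user"),
                            "service": fields.get("service"),
                            "mech": fields.get("mech"), "cause": cause})
    return results

if __name__ == "__main__":
    for r in summarize(SAMPLE_LOG):
        print(r)
```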