Solved: Virtual users setup

Sun Advocate Webmaster webmaster at sunad.com
Tue May 17 18:55:09 EDT 2005


I haven't exactly been following this topic, so forgive me if this has 
already been mentioned, or if I'm missing the issue, but I have 
'virtdomains: userid' (versus virtdomains: yes) in my imapd.conf, and it 
allows multiple domains on one IP. I have 4 or 5 domains (virtual setup) 
on our server, and it runs just fine.

Jason



ogjunk-cyrus at yahoo.com wrote:
> Note:
> 
> My solution, described below, is only a solution for "virtual users".
> I still haven't found any docs/info about configuring Cyrus for
> multiple "virtual domains".
> 
> Well, I found this:
> http://asg.web.cmu.edu/cyrus/download/imapd/install-virtdomains.html
> 
> But that seems to require me to have a machine with multiple IPs/NICs.
> 
> Can one configure Cyrus to handle multiple virtual domains on a machine
> with just 1 IP?
> 
> Thanks,
> Otis
> 
> 
> --- ogjunk-cyrus at yahoo.com wrote:
> 
> 
>>Here is my solution (plain text password passing only.....hm):
>>
>>1. /etc/imapd.conf:
>>
>>   sasl_pwcheck_method: auxprop   # NOT saslauthd
>>   sasl_mech_list: PLAIN
>>   allowplaintext: yes
>>
>>2. service saslauthd stop         # saslauthd is not needed 
>>
>>3. /etc/pam.d/imap:
>>
>>#%PAM-1.0
>>auth       required     /lib/security/pam_stack.so
>>service=system-auth
>>#account   required     /lib/security/pam_stack.so
>>service=system-auth
>>## the account line would require a real system/UNIX account
>>## the auth line lets me create "virtual users"
>>
>>4. create users / passwords in sasldb2:
>>
>># saslpasswd2 -c feedback
>>Password:
>>Again (for verification):
>>
>># sasldblistusers2
>>feedback at localhost.localdomain: userPassword
>>
>>5. test username / password:
>>
>># /usr/lib/cyrus-imapd/imtest -a feedback -w PASSWORDHERE  localhost
>>S: * OK localhost.localdomain Cyrus IMAP4
>>v2.2.6-Invoca-RPM-2.2.6-2.FC3.6 server ready
>>C: C01 CAPABILITY
>>S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
>>NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND
>>BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE
>>STARTTLS LISTEXT LIST-SUBSCRIBED X-NETSCAPES: C01 OK Completed
>>C: L01 LOGIN feedback {12}
>>S: + go ahead
>>C: <omitted>
>>S: L01 OK User logged in
>>Authenticated.
>>Security strength factor: 0
>>C: Q01 LOGOUT
>>Connection closed.
>>
>>
>>
>>So that works without actually having "feedback" system user:
>>
>># finger feedback
>>finger: feedback: no such user.
>>
>>
>>Now ... this uses plain-text passwords, from what I understand.  I
>>assume that refers to how they are stored in /etc/sasldb2 - Oh, yes,
>>"strings /etc/sasldb2" shows them all very clearly! :(((
>>
>>Hm, how does one go about encrypting that...
>>
>>Thanks,
>>Otis
> 
> 
> ---
> Cyrus Home Page: http://asg.web.cmu.edu/cyrus
> Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
> 
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html




More information about the Info-cyrus mailing list