Solved: Virtual users setup

Bill MacAllister post+cyrus at macallister.grass-valley.ca.us
Tue May 17 18:33:31 EDT 2005


You don't have to have multiple NIC's to have multiple IPs.  Even Windoze 
allows you to assign multiple addresses is a single interface.

You can configure Cyrus to support virtual domains with a single IP 
address, but your users will have to supply a username of the form 
"mailbox at vdomain".

Bill

--On Tuesday, May 17, 2005 02:45:11 PM -0700 ogjunk-cyrus at yahoo.com wrote:

> Note:
>
> My solution, described below, is only a solution for "virtual users".
> I still haven't found any docs/info about configuring Cyrus for
> multiple "virtual domains".
>
> Well, I found this:
> http://asg.web.cmu.edu/cyrus/download/imapd/install-virtdomains.html
>
> But that seems to require me to have a machine with multiple IPs/NICs.
>
> Can one configure Cyrus to handle multiple virtual domains on a machine
> with just 1 IP?
>
> Thanks,
> Otis
>
>
> --- ogjunk-cyrus at yahoo.com wrote:
>
>> Here is my solution (plain text password passing only.....hm):
>>
>> 1. /etc/imapd.conf:
>>
>>    sasl_pwcheck_method: auxprop   # NOT saslauthd
>>    sasl_mech_list: PLAIN
>>    allowplaintext: yes
>>
>> 2. service saslauthd stop         # saslauthd is not needed
>>
>> 3. /etc/pam.d/imap:
>>
>> # %PAM-1.0
>> auth       required     /lib/security/pam_stack.so
>> service=system-auth
>> # account   required     /lib/security/pam_stack.so
>> service=system-auth
>> ## the account line would require a real system/UNIX account
>> ## the auth line lets me create "virtual users"
>>
>> 4. create users / passwords in sasldb2:
>>
>> # saslpasswd2 -c feedback
>> Password:
>> Again (for verification):
>>
>> # sasldblistusers2
>> feedback at localhost.localdomain: userPassword
>>
>> 5. test username / password:
>>
>> # /usr/lib/cyrus-imapd/imtest -a feedback -w PASSWORDHERE  localhost
>> S: * OK localhost.localdomain Cyrus IMAP4
>> v2.2.6-Invoca-RPM-2.2.6-2.FC3.6 server ready
>> C: C01 CAPABILITY
>> S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
>> NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND
>> BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE
>> STARTTLS LISTEXT LIST-SUBSCRIBED X-NETSCAPES: C01 OK Completed
>> C: L01 LOGIN feedback {12}
>> S: + go ahead
>> C: <omitted>
>> S: L01 OK User logged in
>> Authenticated.
>> Security strength factor: 0
>> C: Q01 LOGOUT
>> Connection closed.
>>
>>
>>
>> So that works without actually having "feedback" system user:
>>
>> # finger feedback
>> finger: feedback: no such user.
>>
>>
>> Now ... this uses plain-text passwords, from what I understand.  I
>> assume that refers to how they are stored in /etc/sasldb2 - Oh, yes,
>> "strings /etc/sasldb2" shows them all very clearly! :(((
>>
>> Hm, how does one go about encrypting that...
>>
>> Thanks,
>> Otis
>
> ---
> Cyrus Home Page: http://asg.web.cmu.edu/cyrus
> Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html



+---------------------------------------------------
| Bill MacAllister
| 14219 Auburn Road
| Grass Valley, CA 95949
| 530-272-8555
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html




More information about the Info-cyrus mailing list