More Virtual Domains, SASL and LDAP
Igor Brezac
igor at ipass.net
Tue May 17 23:56:29 EDT 2005
On Tue, 17 May 2005, Bill MacAllister wrote:
> Hello,
>
> We are having trouble getting our hands around using Virtual Domains with
> LDAP. We have Cyrus IMAP server working as we expect, but the SASL
> configuration is a bit of a puzzle. We have assigned each virtual domain an
> IP address. I would like to connect to the ldap server and set the base
> using a saslauthd.conf file like:
>
> ldap_servers: ldap://ldap.%r
This will not work. %r will not expand...
> ldap_search_base: ou=people,dc=%2,dc=%1
> ldap_filter: uid=%u
>
> This does not seem to work. I never see any attempt to contact the LDAP
> server. What I see in /var/local/messages is:
>
> May 17 00:14:09 bb2 saslauthd[32500]: do_auth : auth failure:
> [user=weezer] [service=imap] [realm=foo.com] [mech=ldap] [reason=Unknown]
>
> I never did see any documentation saying that %r, %1-%9 where useful anywhere
> else by in the filter, but there is a note about using realms with ldap.
Which documentation are you reading? See
$cyrus-sasl-src/saslauthd/LDAP_SASLAUTHD
> Should I expect to be able to set the servers and base using the meta
> characters? If this is not possible how do I get sasl to support multiple
> search bases and/or multiple LDAP servers?
You can use tokens in search bases, but not in ldap_servers...
--
Igor
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus
mailing list