More Virtual Domains, SASL and LDAP

Bill MacAllister post+cyrus at
Tue May 17 17:18:45 EDT 2005


We are having trouble getting our hands around using Virtual Domains with 
LDAP.  We have Cyrus IMAP server working as we expect, but the SASL 
configuration is a bit of a puzzle.  We have assigned each virtual domain 
an IP address.  I would like to connect to the ldap server and set the base 
using a saslauthd.conf file like:

ldap_servers: ldap://ldap.%r
ldap_search_base: ou=people,dc=%2,dc=%1
ldap_filter: uid=%u

This does not seem to work.  I never see any attempt to contact the LDAP 
server.  What I see in /var/local/messages is:

May 17 00:14:09 bb2 saslauthd[32500]: do_auth         : auth failure: 
[user=weezer] [service=imap] [] [mech=ldap] [reason=Unknown]

I never did see any documentation saying that %r, %1-%9 where useful 
anywhere else by in the filter, but there is a note about using realms with 
ldap.  Should I expect to be able to set the servers and base using the 
meta characters?  If this is not possible how do I get sasl to support 
multiple search bases and/or multiple LDAP servers?

Thanks in advance,


| Bill MacAllister
| 14219 Auburn Road
| Grass Valley, CA 95949
| 530-272-8555
Cyrus Home Page:
Cyrus Wiki/FAQ:
List Archives/Info:

More information about the Info-cyrus mailing list