cross-realm login denied?

Bill Kearney wkearney99 at
Thu Nov 24 13:52:01 EST 2005


I'm trying to use cyrus to connect using user at domain1.tld where domain1.tld
might be one of several domains.  I'm trying to do the lookup using:

sasl_sql_select: select accountuser.password from accountuser, virtual on
accountuser.username=virtual.username where virtual.alias='%u@%r'

When tested using the mysql client that select query does return a valid
record.  But when I try logging in that way using IMAP it reports:

Nov 24 13:46:08 mailserver imap[11184]: cross-realm login user at domain1.tld

It would appear 'something' in the process is deciding to split apart the
login username and then noticing it's not the 'correct' domain.  The
question is, what is making that decision and what data is it basing it's
decision upon?

The /etc/imapd.conf file defaultdomain: value does not appear to influence
this.  When I set it to the same 'domain1.tld' as one being requested it
STILL complains about it being cross-realm.  The hostname.domain of the box
itself IS different.  The box is on domain2.tld and the incoming request is
for domain1.tld.

So what gives here?  What can I configure to let it login using what might
be different domains?

-Bill Kearney

More information about the Info-cyrus mailing list