cyrus sasl realm problem
georg_1 at have2.com
Sat Oct 1 07:25:11 EDT 2005
I have an old server with about 50 mail users, which uses cyrus imapd
with sasl and pam_mysql. The server settings are:
On the new server, I want users to be able to log in with their email
addresses as username, but I want to let the old users use their old
username/password combinations. So I set
sasl_sql_select: SELECT password FROM accountuser WHERE username = '%u@%r'
This works well. But I want to migrate the old account to the new
machine. As I understand the docs, this should work, because username
without realm are used with defaultdomain as result. But this doesn't
happen for sasl authentication.
Let's say I have user georg with password georgpass on the old server. I
thought on the new server, I would leave the mailbox on cyrus like
user/georg, and for auth in the mysql database I would just add to each
username the @servername.domainname.com, so that if the default domain
is added to the username we should be able to log in.
But something else happens (trying to use the pop server):
If I log in from a remote computer, reading the debug log, I see that
the user is being tested with domainname.com as realm (username:
georg at domainname.com).
But if I log in from localhost, no realm is added(username: georg).
What I don't understand after spending much time reading the docs is this:
Who adds the realm, imapd or sasl? And why are they different depending
on the location from where I try to log in? And whatever adds the realm,
how is it decided what to use? And finally, how can I change it?
Thanks in advance!
More information about the Info-cyrus