Passing full userid or realm to SASL

Edward Rudd eddie at
Thu Oct 6 10:28:58 EDT 2005

On Wed, 2005-10-05 at 10:40 -0500, Marcus I. Ryan wrote:
> imapd.conf includes:
> virtdomains: userid
> defaultdomain:
> sasl_pwcheck_method: saslauthd
> sasl_auto_transition: no
> sasl_mech_list: plain login
> unixhierarchysep: yes

Now, are you having issues with the domain? or another
virtual domain?  If you have no need to have in the
"default" domain in cyrus' virutal server setup, I'd highly suggest not
setting defaultdomain. as it could possibly be something with the
defaultdomain handling where cyrus decides not to send the realm.

> The rest of the settings I would think aren't related; paths, etc.
> The ldap filter in saslauthd is set for:
> ldap_search_base: ou=%d,<base org>
> ldap_scope: sub
> ldap_auth_method: custom
> ldap_filter: (mailRoutingAddress=%u)

Try ldap_filter: (mailRoutingAddress=%u@%r)

That is what I use in my setup and it works.

> Though I tried without to make sure that wasn't the problem, I run 
> saslauthd with the -r flag, so realm should be appended to the userid 
> if passed.

try running w/o the -r flag and with the changes I'v suggested above

Edward Rudd <eddie at>

More information about the Info-cyrus mailing list