IMTEST OpenLDAP, a clarification.

O Plameras oscarp at acay.com.au
Mon Oct 31 15:56:56 EST 2005 

Igor Brezac wrote:

>
>
> On Mon, 31 Oct 2005, O Plameras wrote:
>
>> Hi,
>>
>> I've used imtest in testing my Cyrus-IMAPD setup and I noticed
>> what seems to be strange, which I'll explain after I've stated
>> my setup.
>>
>> My setup
>>
>> 1. OS - Fedora Core 4 - kernel-2.6.13-1.1526_FC4
>> 2. OpenLDAP-2.2.29-1.FC4
>> 3. Cyrus-SASL-2.1.21-5_rhfc4
>> 4. Cyrus-IMAPD-2.2.12-6.fc4
>>
>> My OpenLDAP uses SASL-MECH digest-md5, e.g. these commands work
>> successfully:
>>
>> $ldapwhoami -Y digest-md5 -U oscarp -w password
>> $ldapwhoami -Y digest-md5 -U root -w secret
>>
>> My Cyrus-IMAPD config, /etc/imapd.conf has,
>>
>> configdirectory: /var/lib/imap
>> partition-default: /var/spool/imap
>> admins: root
>> sievedir: /var/lib/imap/sieve
>> sendmail: /usr/sbin/sendmail
>> hashimapspool: true
>> tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
>> tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
>> tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
>> sasl_pwcheck_method: auxprop
>> sasl_mech_list: digest-md5
>> sasl_auxprop_plugin: ldapdb
>> sasl_ldapdb_uri: ldap://hdtv.example.com.ex
>> sasl_ldapdb_id: root
>> sasl_ldapdb_pw: secret
>> sasl_ldapdb_mech: digest-md5
>>
>> Now, when I do,
>>
>> $imtest -u root localhost and use password 'secret' this works.
>> $imtest -u oscarp localhost and use password 'password' this does
>> not work.
>>
>> But this one works,
>> $imtest -u oscarp localhost and password 'secret'.
>>
>> When I created another user/password in OpenLDAP like
>> johnblue/hissecret and do,
>> $imtest -u johnblue localhost and use password 'hissecret' this does
>> not work either.
>>
>> But this one works,
>> $imtest -u johnblue localhost and password 'secret'.
>>
>> It appears that imtest requires the use of sasl_ldapdb_pw as password
>> no matter what user is used to have a successful imtest.
>>
>> Is this the intention ?
>>
>> Please note that when using the same setup to check emails
>> with thunderbird for example they work correctly.
>>
>
> You are not using imtest properly. You are basically running proxy 
> autorization as root. Use imtest -a johnblue localhost
>


Thanks.

More information about the Info-cyrus mailing list