cyrus Global administrator

Jesus Ruiz darth.timeus at gmail.com
Fri Sep 16 16:44:40 EDT 2005


Sure here is ti:
 mech_list: PLAIN LOGIN SHADOW DIGEST-MD5 GSSAPI CRAM-MD5
ldap_servers: ldap://localhost/ ldaps://localhost/
ldap_bind_dn: cn=Admin,dc=axsbolivia,dc=com
ldap_bind_pw: private
ldap_search_base: dc=axsbolivia,dc=com
log_level: 9

 On 9/14/05, Lan Tran <llt at recol.com> wrote: 
> 
> Hi Jesus,
> 
> I'm running into same problem. Could you kindly send me your
> saslauthd.conf file. Many thanks!
> 
> Lan
> 
> ----- Original Message -----
> From: "Jesus Ruiz" <darth.timeus at gmail.com>
> To: "Igor Brezac" <igor at ipass.net>; "Cyrus Email System"
> <info-cyrus at lists.andrew.cmu.edu>
> Sent: Thursday, September 08, 2005 11:48 AM
> Subject: Re: cyrus Global administrator
> 
> 
> Ok, i change to the defaultdomain as you said. now the file look like
> this:
> configdirectory: /var/lib/imap
> partition-default: /var/spool/imap
> sasl_pwcheck_method: saslauthd
> sasl_mech_list: PLAIN LOGIN
> admins: cyrus
> allowanonymouslogin: no
> sievedir: /var/lib/imap/sieve
> sendmail: /usr/sbin/sendmail
> hashimapspool: true
> lmtp_downcase_rcpt: 1
> lmtp_over_quota_perm_failure: 1
> autocreatequota: 5120
> virtdomains: yes
> defaultdomain: acelerate.org <http://acelerate.org> <http://acelerate.org>
> tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem
> tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem
> tls_ca_file: /usr/share/ssl/certs/ca-bundle.crt
> 
> now when i connect using:
> [root at mail ~]# cyradm -u cyrus --server localhost --auth plain
> Password:
> IMAP Password:
> localhost.localdomain> dm user.postmaster1
> deletemailbox: Permission denied
> localhost.localdomain> cm user.postmaster at acelerate.org
> createmailbox: Invalid mailbox name
> localhost.localdomain> cm user.postmaster at acelerate.net
> createmailbox: Invalid mailbox name
> This is the ldap log:
> daemon: activity on 1 descriptors
> daemon: new connection on 14
> conn=2 fd=14 ACCEPT from IP=127.0.0.1:37881 <http://127.0.0.1:37881> <
> http://127.0.0.1:37881>
> (IP=
> 0.0.0.0:389 <http://0.0.0.0:389> <http://0.0.0.0:389>)
> daemon: added 14r
> daemon: activity on:
> daemon: select: listen=6 active_threads=0 tvp=NULL
> daemon: select: listen=7 active_threads=0 tvp=NULL
> daemon: activity on 1 descriptors
> daemon: activity on: 14r
> daemon: read activity on 14
> connection_get(14)
> connection_get(14): got connid=2
> connection_read(14): checking for input on id=2
> ber_get_next
> ldap_read: want=8, got=8
> 0000: 30 3d 02 01 01 60 38 02 0=...`8.
> ldap_read: want=55, got=55
> 
> ber_get_next: tag 0x30 len 61 contents:
> ber_dump: buf=0x081995b8 ptr=0x081995b8 end=0x081995f5 len=61
> 
> ber_get_next
> ldap_read: want=8 error=Resource temporarily unavailable
> ber_get_next on fd 14 failed errno=11 (Resource temporarily
> unavailable)
> do_bind
> daemon: select: listen=6 active_threads=0 tvp=NULL
> daemon: select: listen=7 active_threads=0 tvp=NULL
> ber_scanf fmt ({imt) ber:
> ber_dump: buf=0x081995b8 ptr=0x081995bb end=0x081995f5 len=58
> 
> ber_scanf fmt (m}) ber:
> ber_dump: buf=0x081995b8 ptr=0x081995e7 end=0x081995f5 len=14
> 0000: 00 0c 33 75 72 30 35 33 74 65 6f 6f 73 35 ..3ur053teoos5
> >>> dnPrettyNormal: <cn=Administrator,dc=axsbolivia,dc=com>
> => ldap_bv2dn(cn=Administrator,dc=axsbolivia,dc=com,0)
> <= ldap_bv2dn(cn=Administrator,dc=axsbolivia,dc=com,0)=0
> => ldap_dn2bv(272)
> <= ldap_dn2bv(cn=Administrator,dc=axsbolivia,dc=com,272)=0
> => ldap_dn2bv(272)
> <= ldap_dn2bv(cn=administrator,dc=axsbolivia,dc=com,272)=0
> <<< dnPrettyNormal: <cn=Administrator,dc=axsbolivia,dc=com>,
> <cn=administrator,dc=axsbolivia,dc=com>
> do_bind: version=3 dn="cn=Administrator,dc=axsbolivia,dc=com"
> method=128
> conn=2 op=0 BIND dn="cn=Administrator,dc=axsbolivia,dc=com" method=128
> ==> bdb_bind: dn: cn=Administrator,dc=axsbolivia,dc=com
> conn=2 op=0 BIND dn="cn=Administrator,dc=axsbolivia,dc=com"
> mech=SIMPLE
> ssf=0
> do_bind: v3 bind: "cn=Administrator,dc=axsbolivia,dc=com" to
> "cn=Administrator,dc=axsbolivia,dc=com"
> send_ldap_result: conn=2 op=0 p=3
> send_ldap_result: err=0 matched="" text=""
> send_ldap_response: msgid=1 tag=97 err=0
> ber_flush: 14 bytes to sd 14
> 0000: 30 0c 02 01 01 61 07 0a 01 00 04 00 04 00 0....a........
> ldap_write: want=14, written=14
> 0000: 30 0c 02 01 01 61 07 0a 01 00 04 00 04 00 0....a........
> conn=2 op=0 RESULT tag=97 err=0 text=
> daemon: activity on 1 descriptors
> daemon: activity on: 14r
> daemon: read activity on 14
> connection_get(14)
> connection_get(14): got connid=2
> connection_read(14): checking for input on id=2
> ber_get_next
> ldap_read: want=8, got=8
> 0000: 30 4a 02 01 02 63 45 04 0J...cE.
> ldap_read: want=68, got=68
> 0000: 14 64 63 3d 61 78 73 62 6f 6c 69 76 69 61 2c 64 .dc=axsbolivia,d
> 0010: 63 3d 63 6f 6d 0a 01 02 0a 01 00 02 01 01 02 01 c=com...........
> 0020: 05 01 01 00 a3 18 04 03 75 69 64 04 11 63 79 72 ........uid..cyr
> 0030: 75 73 40 6c 6f 63 61 6c 64 6f 6d 61 69 6e 30 04 us at localdomain0.
> 0040: 04 02 64 6e ..dn
> ber_get_next: tag 0x30 len 74 contents:
> ber_dump: buf=0x08199638 ptr=0x08199638 end=0x08199682 len=74
> 0000: 02 01 02 63 45 04 14 64 63 3d 61 78 73 62 6f 6c ...cE..dc=axsbol
> 0010: 69 76 69 61 2c 64 63 3d 63 6f 6d 0a 01 02 0a 01 ivia,dc=com.....
> 0020: 00 02 01 01 02 01 05 01 01 00 a3 18 04 03 75 69 ..............ui
> 0030: 64 04 11 63 79 72 75 73 40 6c 6f 63 61 6c 64 6f d..cyrus at localdo
> 0040: 6d 61 69 6e 30 04 04 02 64 6e main0...dn
> ber_get_next
> ldap_read: want=8 error=Resource temporarily unavailable
> do_search
> ber_get_next on fd 14 failed errno=11 (Resource temporarily
> unavailable)
> ber_scanf fmt ({miiiib) ber:
> daemon: select: listen=6 active_threads=0 tvp=NULL
> daemon: select: listen=7 active_threads=0 tvp=NULL
> ber_dump: buf=0x08199638 ptr=0x0819963b end=0x08199682 len=71
> 0000: 63 45 04 14 64 63 3d 61 78 73 62 6f 6c 69 76 69 cE..dc=axsbolivi
> 0010: 61 2c 64 63 3d 63 6f 6d 0a 01 02 0a 01 00 02 01 a,dc=com........
> 0020: 01 02 01 05 01 01 00 a3 18 04 03 75 69 64 04 11 ...........uid..
> 0030: 63 79 72 75 73 40 6c 6f 63 61 6c 64 6f 6d 61 69 cyrus at localdomai
> 0040: 6e 30 04 04 02 64 6e n0...dn
> >>> dnPrettyNormal: <dc=axsbolivia,dc=com>
> => ldap_bv2dn(dc=axsbolivia,dc=com,0)
> <= ldap_bv2dn(dc=axsbolivia,dc=com,0)=0
> => ldap_dn2bv(272)
> <= ldap_dn2bv(dc=axsbolivia,dc=com,272)=0
> => ldap_dn2bv(272)
> <= ldap_dn2bv(dc=axsbolivia,dc=com,272)=0
> <<< dnPrettyNormal: <dc=axsbolivia,dc=com>, <dc=axsbolivia,dc=com>
> SRCH "dc=axsbolivia,dc=com" 2 0 1 5 0
> begin get_filter
> EQUALITY
> ber_scanf fmt ({mm}) ber:
> ber_dump: buf=0x08199638 ptr=0x08199662 end=0x08199682 len=32
> 0000: a3 18 04 03 75 69 64 04 11 63 79 72 75 73 40 6c ....uid..cyrus at l
> 0010: 6f 63 61 6c 64 6f 6d 61 69 6e 30 04 04 02 64 6e ocaldomain0...dn
> end get_filter 0
> filter: (uid=cyrus at localdomain)
> ber_scanf fmt ({M}}) ber:
> ber_dump: buf=0x08199638 ptr=0x0819967c end=0x08199682 len=6
> 0000: 00 04 04 02 64 6e ....dn
> attrs: dn
> conn=2 op=1 SRCH base="dc=axsbolivia,dc=com" scope=2 deref=0 filter="(
> uid=cyrus at localdomain)"
> conn=2 op=1 SRCH attr=dn
> => bdb_search
> bdb_dn2entry("dc=axsbolivia,dc=com")
> search_candidates: base="dc=axsbolivia,dc=com" (0x00000001) scope=2
> => bdb_dn2idl( "dc=axsbolivia,dc=com" )
> => bdb_filter_candidates
> AND
> => bdb_list_candidates 0xa0
> => bdb_filter_candidates
> OR
> => bdb_list_candidates 0xa1
> => bdb_filter_candidates
> EQUALITY
> => bdb_equality_candidates (objectClass)
> => key_read
> bdb_idl_fetch_key: [b49d1940]
> <= bdb_index_read: failed (-30990)
> <= bdb_equality_candidates: id=0, first=0, last=0
> <= bdb_filter_candidates: id=0 first=0 last=0
> => bdb_filter_candidates
> EQUALITY
> => bdb_equality_candidates (uid)
> => key_read
> bdb_idl_fetch_key: [804f59b0]
> <= bdb_index_read 1 candidates
> <= bdb_equality_candidates: id=1, first=18, last=18
> <= bdb_filter_candidates: id=1 first=18 last=18
> <= bdb_list_candidates: id=1 first=18 last=18
> <= bdb_filter_candidates: id=1 first=18 last=18
> <= bdb_list_candidates: id=1 first=18 last=18
> <= bdb_filter_candidates: id=1 first=18 last=18
> bdb_search_candidates: id=1 first=18 last=18
> entry_decode: "uid=cyrus at localdomain,ou=admin,dc=axsbolivia,dc=com"
> <= entry_decode(uid=cyrus at localdomain,ou=admin,dc=axsbolivia,dc=com)
> => bdb_dn2id( "ou=admin,dc=axsbolivia,dc=com" )
> <= bdb_dn2id: got id=0x00000007
> => bdb_dn2id( "uid=cyrus at localdomain,ou=admin,dc=axsbolivia,dc=com" )
> <= bdb_dn2id: got id=0x00000012
> => test_filter
> EQUALITY
> => access_allowed: search access to "
> uid=cyrus at localdomain,ou=admin,dc=axsbolivia,dc=com" "uid" requested
> <= root access granted
> <= test_filter 6
> => send_search_entry: dn="
> uid=cyrus at localdomain,ou=admin,dc=axsbolivia,dc=com"
> => access_allowed: read access to "
> uid=cyrus at localdomain,ou=admin,dc=axsbolivia,dc=com" "entry" requested
> <= root access granted
> ber_flush: 62 bytes to sd 14
> 0000: 30 3c 02 01 02 64 37 04 33 75 69 64 3d 63 79 72 0<...d7.3uid=cyr
> 0010: 75 73 40 6c 6f 63 61 6c 64 6f 6d 61 69 6e 2c 6f us at localdomain,o
> 0020: 75 3d 61 64 6d 69 6e 2c 64 63 3d 61 78 73 62 6f u=admin,dc=axsbo
> 0030: 6c 69 76 69 61 2c 64 63 3d 63 6f 6d 30 00 livia,dc=com0.
> ldap_write: want=62, written=62
> 0000: 30 3c 02 01 02 64 37 04 33 75 69 64 3d 63 79 72 0<...d7.3uid=cyr
> 0010: 75 73 40 6c 6f 63 61 6c 64 6f 6d 61 69 6e 2c 6f us at localdomain,o
> 0020: 75 3d 61 64 6d 69 6e 2c 64 63 3d 61 78 73 62 6f u=admin,dc=axsbo
> 0030: 6c 69 76 69 61 2c 64 63 3d 63 6f 6d 30 00 livia,dc=com0.
> conn=2 op=1 ENTRY
> dn="uid=cyrus at localdomain,ou=admin,dc=axsbolivia,dc=com"
> <= send_search_entry
> send_ldap_result: conn=2 op=1 p=3
> send_ldap_result: err=0 matched="" text=""
> send_ldap_response: msgid=2 tag=101 err=0
> ber_flush: 14 bytes to sd 14
> 0000: 30 0c 02 01 02 65 07 0a 01 00 04 00 04 00 0....e........
> ldap_write: want=14, written=14
> 0000: 30 0c 02 01 02 65 07 0a 01 00 04 00 04 00 0....e........
> conn=2 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
> daemon: activity on 1 descriptors
> daemon: activity on: 14r
> daemon: read activity on 14
> connection_get(14)
> connection_get(14): got connid=2
> connection_read(14): checking for input on id=2
> ber_get_next
> ldap_read: want=8, got=8
> 0000: 30 49 02 01 03 60 44 02 0I...`D.
> ldap_read: want=67, got=67
> 0000: 01 03 04 33 75 69 64 3d 63 79 72 75 73 40 6c 6f ...3uid=cyrus at lo
> 0010: 63 61 6c 64 6f 6d 61 69 6e 2c 6f 75 3d 61 64 6d caldomain,ou=adm
> 0020: 69 6e 2c 64 63 3d 61 78 73 62 6f 6c 69 76 69 61 in,dc=axsbolivia
> 0030: 2c 64 63 3d 63 6f 6d 80 0a 63 79 72 75 73 39 38 ,dc=com..cyrus98
> 0040: 31 32 33 123
> ber_get_next: tag 0x30 len 73 contents:
> ber_dump: buf=0x08199638 ptr=0x08199638 end=0x08199681 len=73
> 0000: 02 01 03 60 44 02 01 03 04 33 75 69 64 3d 63 79 ...`D....3uid=cy
> 0010: 72 75 73 40 6c 6f 63 61 6c 64 6f 6d 61 69 6e 2c rus at localdomain,
> 0020: 6f 75 3d 61 64 6d 69 6e 2c 64 63 3d 61 78 73 62 ou=admin,dc=axsb
> 0030: 6f 6c 69 76 69 61 2c 64 63 3d 63 6f 6d 80 0a 63 olivia,dc=com..c
> 0040: 79 72 75 73 39 38 31 32 33 yrus98123
> ber_get_next
> ldap_read: want=8 error=Resource temporarily unavailable
> ber_get_next on fd 14 failed errno=11 (Resource temporarily
> unavailable)
> do_bind
> daemon: select: listen=6 active_threads=0 tvp=NULL
> daemon: select: listen=7 active_threads=0 tvp=NULL
> conn=2 op=2 BIND anonymous mech=implicit ssf=0
> ber_scanf fmt ({imt) ber:
> ber_dump: buf=0x08199638 ptr=0x0819963b end=0x08199681 len=70
> 0000: 60 44 02 01 03 04 33 75 69 64 3d 63 79 72 75 73 `D....3uid=cyrus
> 0010: 40 6c 6f 63 61 6c 64 6f 6d 61 69 6e 2c 6f 75 3d @localdomain,ou=
> 0020: 61 64 6d 69 6e 2c 64 63 3d 61 78 73 62 6f 6c 69 admin,dc=axsboli
> 0030: 76 69 61 2c 64 63 3d 63 6f 6d 80 0a 63 79 72 75 via,dc=com..cyru
> 0040: 73 39 38 31 32 33 s98123
> ber_scanf fmt (m}) ber:
> ber_dump: buf=0x08199638 ptr=0x08199675 end=0x08199681 len=12
> 0000: 00 0a 63 79 72 75 73 39 38 31 32 33 ..cyrus98123
> >>> dnPrettyNormal:
> <uid=cyrus at localdomain,ou=admin,dc=axsbolivia,dc=com>
> => ldap_bv2dn(uid=cyrus at localdomain,ou=admin,dc=axsbolivia,dc=com,0)
> <= ldap_bv2dn(uid=cyrus at localdomain,ou=admin,dc=axsbolivia,dc=com,0)=0
> => ldap_dn2bv(272)
> <=
> ldap_dn2bv(uid=cyrus at localdomain,ou=admin,dc=axsbolivia,dc=com,272)=0
> => ldap_dn2bv(272)
> <=
> ldap_dn2bv(uid=cyrus at localdomain,ou=admin,dc=axsbolivia,dc=com,272)=0
> <<< dnPrettyNormal:
> <uid=cyrus at localdomain,ou=admin,dc=axsbolivia,dc=com>, <
> uid=cyrus at localdomain,ou=admin,dc=axsbolivia,dc=com>
> do_bind: version=3
> dn="uid=cyrus at localdomain,ou=admin,dc=axsbolivia,dc=com"
> method=128
> conn=2 op=2 BIND
> dn="uid=cyrus at localdomain,ou=admin,dc=axsbolivia,dc=com"
> method=128
> ==> bdb_bind: dn: uid=cyrus at localdomain,ou=admin,dc=axsbolivia,dc=com
> bdb_dn2entry("uid=cyrus at localdomain,ou=admin,dc=axsbolivia,dc=com")
> => access_allowed: auth access to "
> uid=cyrus at localdomain,ou=admin,dc=axsbolivia,dc=com" "userPassword"
> requested
> => access_allowed: backend default auth access granted to ""
> conn=2 op=2 BIND
> dn="uid=cyrus at localdomain,ou=admin,dc=axsbolivia,dc=com"
> mech=SIMPLE ssf=0
> do_bind: v3 bind:
> "uid=cyrus at localdomain,ou=admin,dc=axsbolivia,dc=com" to "
> uid=cyrus at localdomain,ou=admin,dc=axsbolivia,dc=com"
> send_ldap_result: conn=2 op=2 p=3
> send_ldap_result: err=0 matched="" text=""
> send_ldap_response: msgid=3 tag=97 err=0
> ber_flush: 14 bytes to sd 14
> 0000: 30 0c 02 01 03 61 07 0a 01 00 04 00 04 00 0....a........
> ldap_write: want=14, written=14
> 0000: 30 0c 02 01 03 61 07 0a 01 00 04 00 04 00 0....a........
> conn=2 op=2 RESULT tag=97 err=0 text=
> On 9/8/05, Igor Brezac <igor at ipass.net> wrote:
> >
> >
> > On Thu, 8 Sep 2005, Jesus Ruiz wrote:
> >
> > > OK i changed the imapd.conf to this:
> > > configdirectory: /var/lib/imap
> > > partition-default: /var/spool/imap
> > > sasl_pwcheck_method: saslauthd
> > > sasl_mech_list: PLAIN LOGIN
> > > admins: cyrus cyrus at localdomain
> > > allowanonymouslogin: no
> > > sievedir: /var/lib/imap/sieve
> > > sendmail: /usr/sbin/sendmail
> > > hashimapspool: true
> > > lmtp_downcase_rcpt: 1
> > > lmtp_over_quota_perm_failure: 1
> > > autocreatequota: 5120
> > > virtdomains: yes
> > > defaultdomain: acelerate.org <http://acelerate.org> <
> http://acelerate.org> <
> > http://acelerate.org>
> >
> > This is not valid, use:
> >
> > defaultdomain: acelerate.org <http://acelerate.org> <
> http://acelerate.org>
> >
> > > tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem
> > > tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem
> > > tls_ca_file: /usr/share/ssl/certs/ca-bundle.crt
> > > but it didn't worked out.
> > > Can you give me any pointers, I'm a newbie using cyrus, sasl and
> > sendmail
> > > with ldap
> >
> > What errors do you get?
> >
> > Connect using cyrus at acelerate.org and create accts?
> >
> > -Igor
> >
> > > Thanks
> > >
> > > On 9/7/05, Igor Brezac <igor at ipass.net> wrote:
> > >>
> > >>
> > >> On Wed, 7 Sep 2005, Jesus Ruiz wrote:
> > >>
> > >>> Hello, i'm trying to configure a global administrator for
> cyrus-imapd,
> > >> but
> > >>> the only thing i get is an administrator that can create
> mailboxes
> > only
> > >> for
> > >>> his domain.
> > >>> My /etc/imapd.conf is:
> > >>> configdirectory: /var/lib/imap
> > >>> partition-default: /var/spool/imap
> > >>> sasl_pwcheck_method: saslauthd
> > >>> sasl_mech_list: DIGEST-MD5
> > >>
> > >> This will not work. You cannot use saslauthd for shared secret
> mechs.
> > >>
> > >>> admins: cyrus at localdomain
> > >>
> > >> global admins need to be unqualified.
> > >>
> > >>> allowanonymouslogin: no
> > >>> sievedir: /var/lib/imap/sieve
> > >>> sendmail: /usr/sbin/sendmail
> > >>> hashimapspool: true
> > >>> lmtp_downcase_rcpt: 1
> > >>> lmtp_over_quota_perm_failure: 1
> > >>> autocreatequota: 5120
> > >>> virtdomains: yes
> > >>> tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem
> > >>> tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem
> > >>> tls_ca_file: /usr/share/ssl/certs/ca-bundle.crt
> > >>> When i try to create a mailbox for another domain i get:
> > >>> createmailbox: Invalid mailbox name
> > >>> Thank you very much.
> > >>>
> > >>
> > >> --
> > >> Igor
> > >>
> > >
> >
> > --
> > Igor
> >
> 
> 
> 
> ----------------------------------------------------------------------
> ----------
> 
> 
> > ----
> > Cyrus Home Page: http://asg.web.cmu.edu/cyrus
> > Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
> > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
> 
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.andrew.cmu.edu/mailman/private/info-cyrus/attachments/20050916/232b44d4/attachment.html


More information about the Info-cyrus mailing list