does xfer require murder?

Perry Brown vbperry at hotmail.com
Fri Apr 14 15:55:33 EDT 2006 

Thank you for the reply. Some follow up questions. (sorry to be so dense I'm 
making this change on production servers so wanted to make sure I've got it 
right).


SASL is running as: /usr/sbin/saslauthd -m /var/run/saslauthd -a pam

Our pam.d configs for both imap and pop look like
auth       required     /lib/security/pam_stack.so service=system-auth
account    required     /lib/security/pam_stack.so service=system-auth


Looking at the install-murder doc I should set up all the boxes like they 
where frontends? (I pasted in what I think will only apply to my set up from 
install-murder).



Additional backend configuration
If your authentication system requires usernames, passwords, etc, to 
authenticate (e.g. it isn't Kerberos), then you will also need to specify 
proxy_authname (and friends) in the backend imapd.confs as well. This is so 
that the backends can authenticate to eachother to facilitate maibox moves. 
(Backend machines will need to be full admins).

In short I just need to set up a common user account in the OS on each box 
and define the user as proxy_authname: and put the password for that account 
listed as host1_password: and host2_password etc....

Do I need to add this proxy_authname to imapd.conf admins: as well for the 
full admins requirement?


Thank you
Perry

Perry Brown wrote:
>Hi All,
>
>We are running cyrus-imap 2.2.8 and sasl 2.1.15. We have two RHEL 3 servers 
>with about 4800 users split between them.
>
>I am looking to migrate the users to 2 new RHEL3 hosts with the same 
>cyrus-imap and sasl versions. I added the allowusermoves to imapd.conf 
>restarted cyrus and tried to do a test move.
>
>
>host1.domain.com> xfer user/ host2.domain.com
>xfermailbox: Mailbox does not exist
>
>
>Both cyrus-imap and cyrus-sasl where compiled with --enable-murder (least 
>that is what my notes say is there a way to verify?), but it looks like 
>murder has not been set up with a master or imapd.conf file changes.
>
>Question, Is it possible to xfer a mailbox without configuring murder?

Yes and no.  You don't need mupdate, but the backends need to know how
to authenticate to each other.  Look at install-murder.html and take a
look at the stuff regarding authentication.  Also note that you can't
XFER the entire user/ hierarchy with one command, you have to do it one
user at a time.  Assuming that you're using unixhierachysep, you would do:

xfer user/vbperry host2

More information about the Info-cyrus mailing list