user and realm splitting in cyrus/ldap
Marten Lehmann
lehmann at cnm.de
Mon Dec 25 19:44:30 EST 2006
Hello,
> In my case it is:
> ldap_filter:
> (&(umMailObjectStatus=enabled)(umCyrusStatus=enabled)(umLogin=%u%R))
>
> So that it looks for user at domain.com
thanks. I'm using saslauthd with the -r option now as Simon adviced but
your combination with the "enabled" status is interesting. I also
planned to include this because we want to be able to disabled certain
accounts but there is one catch with it: The user just sees
"authentication failure". So he might think something is wrong with our
servers although we blocked his account intentionally.
Is there a way to include an own, special error message? I would like to
distinguish between
1) Login ok
2) Account doesn't exist
3) Account temporarily disabled
Where does Cyrus get the error message from?
With testsaslauthd I get:
0: NO "authentication failed"
Cyrus IMAP says:
x NO Login failed: authentication failure
On successful logins testsaslauthd gives:
0: OK "Success."
While Cyrus IMAP responds with:
x OK User logged in
Is there any way to change this?
Regards
Marten
More information about the Info-cyrus
mailing list