2.3.6: cannot administer the murder

Andrew Findlay andrew.findlay at skills-1st.co.uk
Tue Jul 4 16:40:09 EDT 2006

On Tue, Jul 04, 2006 at 08:28:54PM +0100, Andrew Findlay wrote:

> I am having great difficulty in getting cyradm to work properly
> with a 2.3.6 murder. This is a 'standard' murder with separate
> front-end, backends, and mupdate server. 'virtdomains: userid' is in
> effect. Operations done by ordinary users are OK; I only have trouble
> with admin ops.

> 	fe1.srv.tile> cm user/n7 at fred.com ms1.srv.tile
> 	createmailbox: Permission denied

I am beginning to suspect that the problem is due to the frontend
using IMAP AUTHENTICATE where the client code uses LOGIN. The
code-paths are different, and it looks as if the imapd_userisadmin
and imapd_userisproxyadmin variables in imapd.c are not getting set
in the AUTHENTICATE case.

This probably means that there is some SASL config that I need to do
to define the admins as well as setting the admins item in imapd.conf
- auth_mech perhaps?

The frontends use DIGEST-MD5 when authenticating to the backends, but
then they use exactly the same when authenticating to the mupdate
master, and that does treat them as admins!

Can anyone suggest where to look next?


|                 From Andrew Findlay, Skills 1st Ltd                 |
| Consultant in large-scale systems, networks, and directory services |
|     http://www.skills-1st.co.uk/                +44 1628 782565     |

More information about the Info-cyrus mailing list