Mapping users (either KerberosV or TLS certs)

Wesley Craig wes at
Thu Jul 6 11:17:15 EDT 2006

On 05 Jul 2006, at 20:02, Phil Pennock wrote:
> can anyone
> please explain how to configure Cyrus so that a KerberosV /admin
> principal can be treated as a Cyrus admin user?  I've tried inserting
> various entries into sasldb to back this up, putting things into
> /etc/krb5.equiv as well as various values for "admins:" and I'm  
> stumped.

I do this, and I'm pretty no changes to sasldb or krb5.equiv were  
necessary.  AFAIK, all we did was mention the IDs in imapd.conf.

	# administrative principals
	admins: imap/ imap/ imap/ imap/

	# front-end hosts
	proxyservers: imap/ imap/

More or less.

>  badlogin: [] GSSAPI [SASL 
> (-13): authentication failure: bad userid authenticated]

SASL errors like this typically have a corresponding error reported  


More information about the Info-cyrus mailing list