cyrus-imapd + sasl + ldap
Rudy Gevaert
Rudy.Gevaert at UGent.be
Wed May 10 10:47:06 EDT 2006
Hello,
I have configured sasl 2.1.19 (the one that is in Debian) to use LDAP.
This works as my gives an OK:
jura:/# testsaslauthd -u testuser1 at mail.ugent.be -p pass
0: OK "Success."
saslauthd[4147] :do_auth : auth success:
[user=testuser1 at mail.ugent.be] [service=imap] [realm=] [mech=ldap]
saslauthd[4147] :do_request : response: OK
And this doesn't work.
jura:/# testsaslauthd -u testuser1 -r mail.ugent.be -p pass
0: NO "authentication failed
saslauthd[4145] :get_accept_lock : acquired accept lock
saslauthd[4147] :rel_accept_lock : released accept lock
saslauthd[4147] :do_auth : auth failure: [user=testuser1]
[service=imap] [realm=mail.ugent.be] [mech=ldap] [reason=Unknown]
saslauthd[4147] :do_request : response: NO
I have configured cyrus-imapd's imapd.conf file with:
sasl_pwcheck_method: saslauthd
and
virtdomains: userid
I would now suspect that when login into the imap server, would work.
But it doesn't. I must have missed something. E.g. I'm using mutt to
access the mailbox: mutt -f imap://mail1.ugent.be
and enter testuser1 at mail.ugent.be als username. This doesn't let me in.
I see in the logs from sasl:
saslauthd[4145] :rel_accept_lock : released accept lock
saslauthd[4146] :get_accept_lock : acquired accept lock
saslauthd[4145] :do_auth : auth failure: [user=testuser1]
[service=imap] [realm=mail.ugent.be] [mech=ldap] [reason=Unknown]
saslauthd[4145] :do_request : response: NO
As debug output of case 2 and 3 is the same, I think they are the same
problem.
What do I need to do to get this working?
Thanks in advance,
Rudy
PS I can't upgrade to the latest sasl to test the auxprop plugin because
this isn't in Debian stable yet.
--
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Rudy Gevaert e-mail: Rudy.Gevaert at UGent.be
Directie ICT, Afdeling Infrastructuur
Groep Systemen tel: +32 9 264 4734
Universiteit Gent / Ghent University fax: +32 9 264 4994
Krijgslaan 281, gebouw S9, 9000 Gent, Belgie www.UGent.be
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
More information about the Info-cyrus
mailing list