no global admin with virtual domains? [was Re: saslpasswd and
virtual domains]
Rudy Gevaert
Rudy.Gevaert at UGent.be
Tue May 16 05:39:31 EDT 2006
Hi Baltasar!
former03 | Baltasar Cevc wrote:
> Hi Rudy,
>
> On 15.05.2006, at 08:49, Rudy Gevaert wrote:
>
>> mitrohin a.s. wrote:
>>
>>> defaultdomain always is removed from username. imho, sasl routines
>>> use hostname as realm for this case.
>>
>>
>>
>> Sadly If I set the default domain to the hostname from the machine and
>> add the user 'cyrus' with saslpasswd it can't login yet.
>>
>> jura:/mail/mail1# cat etc/imapd.conf:
>> defaultdomain: jura
>> admins: cyrus at mail.ugent.be cyrus
>
> The first address would be the virtual domain admin of mail.ugent.be,
> the second is a global admin - you have to set a SASL secret for
> cyrus@<servername>. In case your servername is mail.ugent.be you should
> delete the first entry.
> I haven't completely undestood the domain conversions, however, if I'm
> not misunderstood, defaultdomain has only one function: to be replaced
> by the servername - meaning that in your example if you try to login as
> user1 at jura, you'd end up with the same result as user1 at mail.ugent.be
> (supposing that that's your servername).
>
> Hope that helps,
It gave me a bit of help. The hostname of the server is jura so I have
added a user cyrus at jura to the /etc/sasldb2 file. I have removed the
default domain parameter.
jura:/usr/lib/sasl2# sasldblistusers2
cyrus at jura: userPassword
cyrus at mail.ugent.be: userPassword
jura:/usr/lib/sasl2# head /mail/mail1/etc/imapd.conf
admins: cyrus cyrus at mail.ugent.be
allowanonymouslogin: no
altnamespace: yes
configdirectory: /mail/mail1/var/imap
#defaultdomain: mail.ugent.be
defaultpartiton: default
duplicatesuppression: 1
expunge_mode: delayed
hashimapspool: 1
mboxkey_db: skiplist
I can now log in as cyrus at mail.ugent.be and cyrus at jura:
jura:/usr/lib/sasl2# cyradm -u cyrus at mail.ugent.be mail1.ugent.be
Password:
mail1.ugent.be> lm
user/foo.bar (\HasNoChildren) user/rudy.gevaert (\HasNoChildren)
user/foo.fafa (\HasNoChildren) user/testuser2 (\HasNoChildren)
mail1.ugent.be> quit
jura:/usr/lib/sasl2# cyradm -u cyrus at jura mail1.ugent.be
Password:
mail1.ugent.be> lm
mail1.ugent.be> cm user/fifie
createmailbox: Permission denied
mail1.ugent.be> cm user/fifie at jura
createmailbox: Permission denied
mail1.ugent.be> cm user/fifi at mail.ugent.be
createmailbox: Invalid mailbox name
mail1.ugent.be> quit
But as you can see the cyrus at jura user doesn't list any mailboxes or
create any mailboxes.
Does anybody have any clues?
--
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Rudy Gevaert e-mail: Rudy.Gevaert at UGent.be
Directie ICT, Afdeling Infrastructuur
Groep Systemen tel: +32 9 264 4734
Universiteit Gent / Ghent University fax: +32 9 264 4994
Krijgslaan 281, gebouw S9, 9000 Gent, Belgie www.UGent.be
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
More information about the Info-cyrus
mailing list