Replication problem
David Korpiewski
davidk at cs.umass.edu
Tue May 16 17:25:12 EDT 2006
Hello Patrick!
I set the sasl_pwcheck_method to be PLAIN from what it used to be
(saslauthd) on the replica server.
Still doesn't work though, it gives me this error:
badlogin: lmc1.cs.umass.edu [128.119.243.236] DIGEST-MD5 [SASL(-13):
user not found: no secret in database]
HISTORY:
our servers are set up with saslauthd for their sasl_pwcheck_method.
Saslauthd uses PAM for ldap authentication. This works fine for
receiving email and authenticating users with their mail clients.
However, this doesn't appear to work for sync_server when authenticating
the sync_client.
These are pieces of my replica's imapd.conf:
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN
sync_authname: cyrus
sync_log: 1
sync_host: lmc2.cs.umass.edu
sync_repeat_interval: 5
sync_password: XXXXXXXXXX
Thank you for any help you can offer!
David
Patrick Radtke wrote:
>
> did you try setting
> sasl_pwcheck_method on the replica?
>
> 'unix' isn't a SASL mechanism.
>
> you may want to try PLAIN (what do you use currently on the primary
> server)?
>
> on the replica use this line
> sasl_mech_list: PLAIN
>
> to make it only advertise PLAIN authentication, and then the primary
> machine will try using that sasl mechanism when connecting.
> This will then invoke what you have for your sasl_pwcheck_method.
>
> -Patrick
>
> On May 16, 2006, at 3:47 PM, David Korpiewski wrote:
>
>> I'm in the middle of trying to set up replication. However, I keep
>> running into a problem.
>>
>> The replication error I'm getting on the replica is this if I don't
>> specify a sync_authname and sync_password:
>>
>> syncserver[7682]: starttls: TLSv1 with cipher AES256-SHA (256/256
>> bits new) no authentication
>>
>> I get this error if I'm specifying a sync_authname and sync_password:
>>
>> badlogin: lmc1.cs.umass.edu [128.119.243.236] DIGEST-MD5 [SASL(-13):
>> user not found: no secret in database]
>>
>> MY QUESTION IS THIS:
>> How can I change what sync_server uses for its authentication? I want
>> it to either use LDAP or the local passwd/shadow files. It obviously
>> keeps trying to use DIGEST-MD5, in which case it would have to look
>> for a md5 file in a particluar location, but I don't see how to
>> specify that either.
>>
>> I tried setting auth_mech and sasl_auth_mech to be "unix" in the
>> /etc/imapd.conf but that doesn't change anything.
>>
>> Can anyone help me?
>> Thanks,
>> David
>>
>>
>>
>> ----------------------------------------------------------
>> David Korpiewski Phone: 413-545-4319
>> Software Specialist I Fax: 413-577-2285
>> Department of Computer Science ICQ: 7565766
>> University of Massachusetts Amherst
>> --------------------------------------------------------
>>
>> ----
>> Cyrus Home Page: http://asg.web.cmu.edu/cyrus
>> Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
--
--------------------------------------------------------
David Korpiewski Phone: 413-545-4319
Software Specialist I Fax: 413-577-2285
Department of Computer Science ICQ: 7565766
University of Massachusetts Amherst
--------------------------------------------------------
More information about the Info-cyrus
mailing list