Replication problem
Patrick H Radtke
phr2101 at columbia.edu
Tue May 16 18:32:30 EDT 2006
PLAIN for sasl_pwcheck_method isn't a valid option. Keep it as saslauthd
(and then make sure the testsaslauthd program works with your sync
username and password).
I think you showed me your primary imapd.conf and not the replica's.
What does imtest show you when you log into the replica (capability
lines)?
-Patrick
On Tue, 16 May 2006, David Korpiewski wrote:
> Hello Patrick!
>
> I set the sasl_pwcheck_method to be PLAIN from what it used to be (saslauthd)
> on the replica server.
>
> Still doesn't work though, it gives me this error:
> badlogin: lmc1.cs.umass.edu [128.119.243.236] DIGEST-MD5 [SASL(-13): user not
> found: no secret in database]
>
> HISTORY:
> our servers are set up with saslauthd for their sasl_pwcheck_method.
> Saslauthd uses PAM for ldap authentication. This works fine for receiving
> email and authenticating users with their mail clients. However, this doesn't
> appear to work for sync_server when authenticating the sync_client.
>
> These are pieces of my replica's imapd.conf:
>
> sasl_pwcheck_method: saslauthd
> sasl_mech_list: PLAIN
> sync_authname: cyrus
> sync_log: 1
> sync_host: lmc2.cs.umass.edu
> sync_repeat_interval: 5
> sync_password: XXXXXXXXXX
>
>
> Thank you for any help you can offer!
> David
>
>
> Patrick Radtke wrote:
>>
>> did you try setting
>> sasl_pwcheck_method on the replica?
>>
>> 'unix' isn't a SASL mechanism.
>>
>> you may want to try PLAIN (what do you use currently on the primary
>> server)?
>>
>> on the replica use this line
>> sasl_mech_list: PLAIN
>>
>> to make it only advertise PLAIN authentication, and then the primary
>> machine will try using that sasl mechanism when connecting.
>> This will then invoke what you have for your sasl_pwcheck_method.
>>
>> -Patrick
>>
>> On May 16, 2006, at 3:47 PM, David Korpiewski wrote:
>>
>>> I'm in the middle of trying to set up replication. However, I keep
>>> running into a problem.
>>>
>>> The replication error I'm getting on the replica is this if I don't
>>> specify a sync_authname and sync_password:
>>>
>>> syncserver[7682]: starttls: TLSv1 with cipher AES256-SHA (256/256 bits
>>> new) no authentication
>>>
>>> I get this error if I'm specifying a sync_authname and sync_password:
>>>
>>> badlogin: lmc1.cs.umass.edu [128.119.243.236] DIGEST-MD5 [SASL(-13): user
>>> not found: no secret in database]
>>>
>>> MY QUESTION IS THIS:
>>> How can I change what sync_server uses for its authentication? I want it
>>> to either use LDAP or the local passwd/shadow files. It obviously keeps
>>> trying to use DIGEST-MD5, in which case it would have to look for a md5
>>> file in a particluar location, but I don't see how to specify that either.
>>>
>>> I tried setting auth_mech and sasl_auth_mech to be "unix" in the
>>> /etc/imapd.conf but that doesn't change anything.
>>>
>>> Can anyone help me?
>>> Thanks,
>>> David
>>>
>>>
>>>
>>> ----------------------------------------------------------
>>> David Korpiewski Phone: 413-545-4319
>>> Software Specialist I Fax: 413-577-2285
>>> Department of Computer Science ICQ: 7565766
>>> University of Massachusetts Amherst
>>> --------------------------------------------------------
>>>
>>> ----
>>> Cyrus Home Page: http://asg.web.cmu.edu/cyrus
>>> Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
>>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>
> --
> --------------------------------------------------------
> David Korpiewski Phone: 413-545-4319
> Software Specialist I Fax: 413-577-2285
> Department of Computer Science ICQ: 7565766
> University of Massachusetts Amherst
> --------------------------------------------------------
>
>
More information about the Info-cyrus
mailing list