Replication problem

Patrick H Radtke phr2101 at columbia.edu
Tue May 16 18:32:30 EDT 2006


PLAIN for sasl_pwcheck_method isn't a valid option. Keep it as saslauthd 
(and then make sure the testsaslauthd program works with your sync 
username and password).

I think you showed me your primary imapd.conf and not the replica's.

What does imtest show you when you log into the replica (capability 
lines)?

-Patrick
On Tue, 16 May 2006, David Korpiewski wrote:

> Hello Patrick!
>
> I set the sasl_pwcheck_method to be PLAIN from what it used to be (saslauthd) 
> on the replica server.
>
> Still doesn't work though, it gives me this error:
> badlogin: lmc1.cs.umass.edu [128.119.243.236] DIGEST-MD5 [SASL(-13): user not 
> found: no secret in database]
>
> HISTORY:
> our servers are set up with saslauthd for their sasl_pwcheck_method. 
> Saslauthd uses PAM for ldap authentication.  This works fine for receiving 
> email and authenticating users with their mail clients. However, this doesn't 
> appear to work for sync_server when authenticating the sync_client.
>
> These are pieces of my replica's imapd.conf:
>
> sasl_pwcheck_method: saslauthd
> sasl_mech_list: PLAIN
> sync_authname: cyrus
> sync_log: 1
> sync_host: lmc2.cs.umass.edu
> sync_repeat_interval: 5
> sync_password: XXXXXXXXXX
>
>
> Thank you for any help you can offer!
> David
>
>
> Patrick Radtke wrote:
>> 
>> did you try setting
>> sasl_pwcheck_method on the replica?
>> 
>> 'unix' isn't a SASL mechanism.
>> 
>> you may want to try PLAIN (what do you use currently on the primary 
>> server)?
>> 
>> on the replica use this line
>> sasl_mech_list: PLAIN
>> 
>> to make it only advertise PLAIN authentication, and then the primary 
>> machine will try using that sasl mechanism when connecting.
>> This will then invoke what you have for your sasl_pwcheck_method.
>> 
>> -Patrick
>> 
>> On May 16, 2006, at 3:47 PM, David Korpiewski wrote:
>> 
>>> I'm in the middle of trying to set up replication.  However, I keep 
>>> running into a problem.
>>> 
>>> The replication error I'm getting on the replica is this if I don't 
>>> specify a sync_authname and sync_password:
>>>
>>>  syncserver[7682]: starttls: TLSv1 with cipher AES256-SHA (256/256 bits 
>>> new) no authentication
>>> 
>>> I get this error if I'm specifying a sync_authname and sync_password:
>>>
>>>  badlogin: lmc1.cs.umass.edu [128.119.243.236] DIGEST-MD5 [SASL(-13): user 
>>> not found: no secret in database]
>>> 
>>> MY QUESTION IS THIS:
>>> How can I change what sync_server uses for its authentication?  I want it 
>>> to either use LDAP or the local passwd/shadow files.  It obviously keeps 
>>> trying to use DIGEST-MD5, in which case it would have to look for a md5 
>>> file in a particluar location, but I don't see how to specify that either.
>>> 
>>> I tried setting auth_mech and sasl_auth_mech to be "unix" in the 
>>> /etc/imapd.conf but that doesn't change anything.
>>> 
>>> Can anyone help me?
>>> Thanks,
>>> David
>>> 
>>> 
>>> 
>>> ----------------------------------------------------------
>>> David Korpiewski                     Phone: 413-545-4319
>>> Software Specialist I                Fax:   413-577-2285
>>> Department of Computer Science       ICQ:   7565766
>>> University of Massachusetts Amherst
>>> --------------------------------------------------------
>>> 
>>> ----
>>> Cyrus Home Page: http://asg.web.cmu.edu/cyrus
>>> Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
>>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>
> -- 
> --------------------------------------------------------
> David Korpiewski                     Phone: 413-545-4319
> Software Specialist I                Fax:   413-577-2285
> Department of Computer Science       ICQ:   7565766
> University of Massachusetts Amherst
> --------------------------------------------------------
>
>


More information about the Info-cyrus mailing list