Replication: problems with synctest

Simon Matter simon.matter at invoca.ch
Tue Nov 13 07:51:00 EST 2007


> On Nov 13, 2007 8:08 AM, Rich Wales <richw at richw.org> wrote:
>> OK, so I decided to try what I described earlier (replication in both
>> directions, with different users using different master servers) . . . .
>>
>> But now I'm running into an authentication problem.  One of my servers
>> (my original replica) simply refuses to authenticate to the other one
>> (my original master).
>>
>> I've double-checked the user name and password, and I know it's in the
>> sasldb2.db file on the master, but authentication just will not work.
>>
>> I tried synctest to each server, and I can't connect to either server
>> using synctest.  Examples ("whodunit" is my original master; "flipflop"
>> is my original replica; and I've obscured the real authentication
>> strings in the AUTHENTICATE commands):
>>
>> % synctest -u admin -m plain whodunit
>> S: * SASL NTLM LOGIN PLAIN GSSAPI OTP DIGEST-MD5 CRAM-MD5
>> S: * STARTTLS
>> S: * OK whodunit.richw.org Cyrus sync server v2.3.9
>> Please enter your password:
>> C: AUTHENTICATE PLAIN ***************************
>> S: NO user not found
>> Authentication failed. generic failure
>> Security strength factor: 0
>> C: EXIT
>> Connection closed.
>>
>> % synctest -u admin -m plain flipflop
>> S: * SASL CRAM-MD5 DIGEST-MD5 GSSAPI LOGIN PLAIN NTLM
>> S: * STARTTLS
>> S: * OK flipflop Cyrus sync server v2.3.9
>> Please enter your password:
>> C: AUTHENTICATE PLAIN ***************************
>> S: NO authentication failure
>> Authentication failed. generic failure
>> Security strength factor: 0
>> C: EXIT
>> Connection closed.
>>
>> What's especially weird is the first one (whodunit), which gave a
>> "user not found" error, even though there IS an account named "admin"
>> in the sasldb2.db on that machine.
>>
>> Any ideas what I might be doing wrong here?
>
> Do you have virtdomains enable ?
> Did you setup defaultdomain ?
> Did you define user admin@$defaultdomain ?
> Is $defaultdomain in loginrealms ?
>

No, my testconfig is very simple:

configdirectory: /var/lib/imap
partition-default: /var/spool/imap
admins: cyrus
sievedir: /var/lib/imap/sieve
sendmail: /usr/sbin/sendmail
hashimapspool: true
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN
tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem
tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem
tls_ca_file: /usr/share/ssl/certs/ca-bundle.crt
delete_mode: delayed

Simon



More information about the Info-cyrus mailing list