Cyrus-imapd not providing realm information

tarjei tarjei at nu.no
Mon Aug 25 08:04:57 EDT 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi, I'm trying to get Cyrus IMAPD + saslauthd working with an
virtdomains setup.

Relevant info:
OS: Centos 5.2
Cyrus-Imapd: 2.3.7
Sasl: 2.1.22

imapd.conf:
altnamespace: yes
autocreatequota:-1
createonpost: no
autocreate_sieve_script: /var/lib/imap/sieve/default.script
autocreateinboxfolders: Spam|Drafts|Sent|Trash
autosubscribeinboxfolders: Spam|Drafts|Sent|Trash
autosubscribesharedfolders: Spam|Ikke-Spam
defaultdomain: example.com
virtdomains: userid
servername: mail.example.com
unixhierarchysep: 1
sasl_mech_list: plain
sasl_pwcheck_method: saslauthd
cmtp_overquota_perm_failure: no

saslauthd.conf:
ldap_servers:     ldaps://ldap.example.com
ldap_version:     3
ldap_timeout:     10
ldap_time_limit:  10
ldap_search_base: dc=example,dc=com
ldap_bind_dn:     uid=saslauthd,ou=Services,dc=example,dc=com
ldap_password:    password
ldap_scope:       sub
ldap_uidattr:     mail
ldap_filter_mode: yes
ldap_filter:      (mail=%u@%r)

testsaslauth works:
testsaslauthd -u tarjei -r example.com -p password
0: OK "Success."

but imtest fails:
imtest -u tarjei at example.com -a tarjei at example.com -t "" localhost
...
S: A01 NO authentication failure
Authentication failed. generic failure

I then find the following in the log files:
saslauthd[27506]: do_auth         : auth failure: [user=tarjei]
[service=imap] [realm=] [mech=ldap] [reason=Unknown]

And in the ldap log:
SRCH base="dc=example,dc=com" scope=2 deref=0 filter="(mail=tarjei@)"


It seems to me that for some reason, the imap server is not passing on
the full username - but just the part before the domainname.

Does anyone know what I am doing wrong? I seem so close :)

Kind regards,
Tarjei

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIsp/pYVRKCnSvzfIRAoN2AJ94nmeUJ1ir+SWICgZQwz1W9JQskACgn4X4
kt/8icmlER1QImZK+ZR/r7U=
=zTtD
-----END PGP SIGNATURE-----


More information about the Info-cyrus mailing list