Imapd/Sasl/Ldap

Joshua Van Horn jvanhorn at ucdavis.edu
Tue Jan 22 16:59:35 EST 2008


Hi, 

I have compiled sasl-2.1.22 against openladp-2.3.39.  After setting up
the saslauthd.conf file, I was able to successfully authenticate against
our SunONE LDAP server using testsaslatuhd.  My issues arise when I
start the cyrus-imapd program.  I am able to login via Thunerbird/random
IMAP client just fine, but I see the following errors flooding the
/var/log/auth.log file:

Jan 22 13:41:28 cyrustest2 imaps[19846]: [ID 702911 auth.error]
auxpropfunc error invalid parameter supplied
Jan 22 13:41:28 cyrustest2 imaps[19846]: [ID 702911 auth.debug]
_sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: ldapdb

I have tried various settings in the imapd.conf to try to rectify this,
but have been unsuccessful.  What bothers me is that I do not use the
auxprop pwcheck method for sasl.

Here is my saslauthd.conf file:

ldap_servers: ldap://ldapserver.ucdavis.edu:389/
ldap_size_limit: 1
ldap_time_limit: 5
ldap_timeout: 5
ldap_version: 3
ldap_search_base: ou=People,dc=ucdavis,dc=edu
ldap_auth_method: fastbind
ldap_filter: uid=%u,ou=people,dc=ucdavis,dc=edu

Here are the relevant portions of the imapd.conf file:

# SASL Configuration
sasl_pwcheck_method: saslauthd
sasl_mech_list: plain gssapi
sasl_saslauthd_path: /var/run/mux
ldap_servers: ldap://ldapserver.ucdavis.edu:389/
ldap_filter: uid=%u,ou=people,dc=ucdavis,dc=edu

saslauthd is running with the "-a LDAP" switch.  I don't think I need
the ldap* settings in the imapd.conf file, but had they didn't seem to
causing any harm.

Any ideas on why I am seeing auxprop errors in the auth.log file, and
how I might go about resolving them/making them go away?  It doesn't
seem to break anything, but it makes the logs way too big.

Thanks,


Joshua Van Horn
IET - University of California, Davis
jvanhorn at ucdavis.edu



More information about the Info-cyrus mailing list