disabling usage of realms

Lucas Zinato Carraro lucaszc at gmail.com
Sun Jan 9 05:51:46 EST 2011 

You can use virtdomains:

 virtdomains: yes
 defaultdomain:  your defaultdomain.com

with this:

 username  = username at yourdefaultdomain.com

Old clients can use username or  username at yourdefaultdomain.com
and new clients username at project1.com , username at project2.com.....


More details in:

http://www.cyrusimap.org/docs/cyrus-imapd/2.3.16/install-virtdomains.php




On Thu, Jan 6, 2011 at 11:22 AM, Stefan Palme <palme at kapott.org> wrote:
> Hi all,
>
> I use cyrus-imapd-2.3.x. User authentication happens via saslauthd,
> which in turn uses PAM. The PAM configuration includes a complicated
> stack of modules including LDAP, UNIX password files, access control
> lists etc. In general this setups works fine.
>
> Up to now all user-ids have the form "username". Now there are some new
> user accounts with user-ids like "username at project1".
>
> These user accounts are stored in the LDAP backend (which is transparent
> to the IMAP server). Authenticating these users by using PAM-test-tools
> works fine.
>
> Cyrus IMAP Server uses saslauthd. With the default configuration,
> saslauthd splits the given user-id into "username" and realm "project1".
> To disable this, I run saslauthd with "-r", so the username which is
> sent to PAM is really "username at project1", which in turn causes user
> authentication to work again.
>
> But when I try to login to Cyrus IMAP Server using "username at project1",
> I get error messages like "authentication failure: cross-realm login
> username at project1 denied".
>
> I think I understand the problem - I should configure "project1" as a
> valid "loginrealm" in /etc/imapd.conf. But I don't want this, because I
> don't want to modify the IMAP server configuration for each new "project
> X".
>
> Is there a way to tell Cyrus IMAP Server to completely skip its "realm
> logic", and to treat usernames containing an "@" just like any other
> normal username, which includes assuming the "default realm"?
>
> Thanks in advance!
> -stefan-
>
>
> ----
> Cyrus Home Page: http://www.cyrusimap.org/
> List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
>

More information about the Info-cyrus mailing list