SASLAUTH and cyrus

[Maria McKinley]

On 7/22/11 4:13 PM, Alexander Dalloz wrote:
> Am 23.07.2011 00:52, schrieb Maria McKinley:
>> On 7/22/11 2:53 PM, Dan White wrote:
>
>>> What is your sasl configuration in imapd.conf? (grep for sasl)
>>>
>>
>> sasl_mech_list: PLAIN LOGIN
>>
>> sasl_pwcheck_method: saslauthd
>>
>> sasl_auto_transition: no
>
> So check how your saslauthd is configured. It must be told to use a
> specific mechanism, like pam or shadow or whatever "saslauthd -v" gives
> you on your system. If it is pam, you then will have to check how
> /etc/pam.d/imap is configured.
>
>> thanks,
>> maria
>
> Alexander

Thanks Alexander.

auth    sufficient      pam_unix.so
auth    sufficient      pam_ldap.so try_first_pass
auth    required        pam_deny.so
account sufficient      pam_unix.so
account sufficient      pam_ldap.so
account required        pam_deny.so

So, I checked in ldap, and the postmaster user exists, but not the cyrus 
user. So, that seems to be why I can't authenticate as cyrus. So the 
user cyrus does exist, but not in ldap. Not sure how important it is 
that cyrus exists in ldap, since things seem to be working fine (I use 
the postmaster user for logging into cyradm anway), and I don't think 
that has anything to do with the error message I'm seeing.

Jul 22 08:41:59 ella cyrus/imaps[29387]: Fatal error:
tls_start_servertls() failed

This does not seem to affect accessing mail, but still I find it 
worrisome when I run across it in the logfiles. It seems I must have 
something configured incorrectly, but not sure where to go from here.

~maria