Allow PLAIN login cyrus 2.2.12

Dan White dwhite at olp.net
Mon Feb 13 10:49:45 EST 2012


On 02/13/12 16:02 +0100, Manel Gimeno Zaragozá wrote:
>
>Hello,
>
>I've tried adding "asterisk" lines but nothing changes:
>
>=====imapd.conf====
>sasl_pwcheck_method: saslauthd
>sasl_mech_list: PLAIN
>*sasl_minimum_layer:  0
>
>=====saslauthd.conf=====
>ldap_servers: ldap://ldap.ldaptest.com:389/ ldap://srv-ln-repli1.ldaptest:389/
>ldap_search_base: ou=pre_test,dc=org
>ldap_bind_dn: cn=admin
>ldap_password: password
>ldap_scope: sub
>ldap_filter: (|(cn=%U@%d)(uid=%u))
>*ldap_auth_method: plain
>
>I'm still not able to log in#
>
>#imtest -m plain 192.168.1.5 -a test-adm
>      S: * OK Cyrus IMAP4 v2.2.12-Invoca-RPM-2.2.12-19 server ready
>      C: C01 CAPABILITY
>      S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT       THREAD=REFERENCES ANNOTATEMORE IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE
>      S: C01 OK Completed
>      [Server did not advertise AUTH=PLAIN]
>      Authentication failed. generic failure
>      Security strength factor: 0

On 02/13/12 12:55 +0100, Manel Gimeno Zaragozá wrote:
>I can connect via testsaslauthd:
>#testsaslauthd -u test-adm -p password
>        0: OK "Success."
>

Check your syslog for any errors (auth facility). Verify that the user
which imapd is running under has permissions to access the saslauthd mux.
One way to verify that is with:

sudo -u cyrus testsaslauthd -u test-adm -p password

You may need to set:

sasl_saslauthd_path: </full/path/to/saslauthd/mux>/mux

Within imapd.conf. But your logs will provide an appropriate error if that
option is needed.

-- 
Dan White


More information about the Info-cyrus mailing list