Best way to auth cyrus 3.x to an AD domain setup

Lars Schimmer l.schimmer at cgv.tugraz.at
Tue Feb 26 05:35:21 EST 2019


On 2/25/19 3:17 PM, Dan White wrote:
> On 02/25/19 11:45 +0100, Lars Schimmer wrote:
>> Ok, after sasldb2 file is not good anymore, I want to ask user passwords
>> from our AD Domain setup.
>>
>> I had a short search and I did find several methosd to let cyrus3 ask
>> for users/pwasswords from a AD server, but all are kinda old.
>>
>> E.g. using krb5 service principle in win server 2008, or just using LDAp
>> against the server.
>>
>> What is the preferred, easy to use method nowadays, any docs available?
>>
>> Or how do I use sasl to save passwords encrypted with hash on local
>> harddrive?
> 
> https://www.openldap.org/lists/openldap-technical/201106/msg00198.html
> 
> In imapd.conf:
> 
> sasl_pwcheck_method: saslauthd

Tried, but passwd check bad.
With ldapsearch I get a positiv feedback, but on imap login I get:
SASL(-13): authentication failure: checkpass failed

And no simple way to debug :-(


MfG,
Lars Schimmer
-- 
-------------------------------------------------------------
TU Graz, Institut für ComputerGraphik & WissensVisualisierung
Tel: +43 316 873-5405       E-Mail: l.schimmer at cgv.tugraz.at
Fax: +43 316 873-5402       PGP-Key-ID: 0x4A9B1723



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20190226/86c6fb47/attachment.sig>


More information about the Info-cyrus mailing list