SASL2/PAM LDAP problem

Subject: SASL2/PAM LDAP problem
From: Jayson Henkel (jhenkel at sterlingcrane dot ca)
Date: Thu May 01 2003 - 12:01:41 EDT


I've upgraded to SASL2 and am attempting to figure out why my smtp auth
broke. I've got the following errors generated in my auth.log.

Apr 30 11:36:04 ruto saslauthd[14904]: DEBUG: auth_pam: pam_authenticate failed: User not known to the underlying authentication module

Apr 30 11:36:04 ruto saslauthd[14904]: AUTHFAIL: user=jhenkel at sterlingcrane dot ca service=smtp [PAM auth error]

My /etc/postfix/sasl/smtp.conf has pwcheck_method: saslauthd

/etc/default/saslauthd methods is pam

/etc/pam.d/smtp looks like

auth required
account required
password required use_authtok
session required

My ldap authentication works for all my other services (ssh, login, sudo

I've checked the permissions on /var/run/saslauthd. That doesn't seem to
be a problem.

I think the problem is related to saslauthd appending the realm to the
username to check against the directory. jhenkel exists, but
jhenkel at sterlingcrane dot ca doesn't. Unfortunately I don't know how to
strip the realm out, and a Google search isn't being very helpful.

Can anyone suggest whether I'm on the right track, and if so how to
remove the sasl realm from the auth attempt?


Jayson Henkel
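
Added example, not part of the original message: a small Python triage of saslauthd AUTHFAIL lines in the format quoted above. It reports when a realm-qualified login is unknown while its bare local part is a known account, which is the situation the message suspects. The sample log lines, the example.com realm, the host name mx1 and the KNOWN_USERS set are constructed assumptions.

```python
import re

# Matches the AUTHFAIL line layout quoted in the message (syslog prefix included).
AUTHFAIL_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\ssaslauthd\[(?P<pid>\d+)\]:\s"
    r"AUTHFAIL:\suser=(?P<user>\S+)\sservice=(?P<service>\S+)\s\[(?P<reason>[^\]]*)\]"
)

def parse_authfail(line):
    """Return the fields of one AUTHFAIL line, or None for any other line."""
    m = AUTHFAIL_RE.match(line.strip())
    return m.groupdict() if m else None

def split_realm(user):
    """Split 'local@realm' at the last '@'; realm is '' when absent."""
    local, sep, realm = user.rpartition("@")
    return (local, realm) if sep else (user, "")

def triage(lines, known_users):
    """Classify each failure by whether the realm suffix explains it."""
    findings = []
    for line in lines:
        rec = parse_authfail(line)
        if rec is None:
            continue  # DEBUG lines and unrelated syslog entries
        local, realm = split_realm(rec["user"])
        if rec["user"] in known_users:
            verdict = "known-user"      # account resolves; check the credential
        elif realm and local in known_users:
            verdict = "realm-mismatch"  # only the bare local part is an account
        else:
            verdict = "unknown-user"    # neither form is an account
        findings.append((rec["user"], rec["service"], verdict))
    return findings

# Constructed sample input (not taken from a real system).
SAMPLE_LOG = [
    "Apr 30 11:36:04 mx1 saslauthd[14904]: DEBUG: auth_pam: pam_authenticate failed: User not known to the underlying authentication module",
    "Apr 30 11:36:04 mx1 saslauthd[14904]: AUTHFAIL: user=alice@example.com service=smtp [PAM auth error]",
    "Apr 30 11:40:12 mx1 saslauthd[14904]: AUTHFAIL: user=bob service=smtp [PAM auth error]",
    "Apr 30 11:41:50 mx1 saslauthd[14904]: AUTHFAIL: user=mallory@example.com service=imap [PAM auth error]",
]
KNOWN_USERS = {"alice", "bob"}  # assumed: account names the directory knows

if __name__ == "__main__":
    for user, service, verdict in triage(SAMPLE_LOG, KNOWN_USERS):
        print(f"{user:24} {service:6} {verdict}")
```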
