SASL2/PAM LDAP problem


Subject: SASL2/PAM LDAP problem
From: Jayson Henkel (jhenkel at sterlingcrane dot ca)
Date: Thu May 01 2003 - 12:01:41 EDT


Hello,

I've upgraded to SASL2 and am attempting to figure out why my smtp auth
broke. I've got the following errors generated in my auth.log.

Apr 30 11:36:04 ruto saslauthd[14904]: DEBUG: auth_pam: pam_authenticate
failed: User not known to the underlying authentication module

Apr 30 11:36:04 ruto saslauthd[14904]: AUTHFAIL:
user=jhenkel at sterlingcrane dot ca service=smtp realm=sterlingcrane.ca [PAM
auth error]

my /etc/postfix/sasl/smtp.conf has pwcheck_method: saslauthd

/etc/default/saslauthd methods is pam

/etc/pam.d/smtp looks like

auth required pam_ldap.so
account required pam_ldap.so
password required pam_ldap.so use_authtok
session required pam_ldap.so

My LDAP authentication works for all my other services (ssh, login, sudo,
etc.)

I've checked the permissions on /var/run/saslauthd. That doesn't seem to
be a problem.

I think the problem is related to saslauthd appending the realm to the
username to check against the directory. jhenkel exists, but
jhenkel at sterlingcrane dot ca doesn't. Unfortunately I don't know how to
strip the realm out, and a Google search isn't being very helpful.

Can anyone suggest whether I'm on the right track, and if so how to
remove the sasl realm from the auth attempt?

Thanks,

Jayson Henkel
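
The condition suspected in the post above (saslauthd handing PAM a login that already carries the realm) can be confirmed from auth.log. The following Python script is an added example, not part of the original message: it parses AUTHFAIL lines in the format quoted above and lists the failures whose user field ends in @realm. The sample log lines, host name and example.org accounts are constructed.

```python
import re

# AUTHFAIL line layout as quoted in the post (one syslog record per line).
AUTHFAIL = re.compile(
    r"saslauthd\[\d+\]: AUTHFAIL: user=(?P<user>\S+) "
    r"service=(?P<service>\S+) realm=(?P<realm>\S*) \[(?P<reason>[^\]]*)\]"
)

# Constructed sample records; names and host are placeholders.
SAMPLE_LOG = [
    "Apr 30 11:36:04 mail saslauthd[14904]: DEBUG: auth_pam: pam_authenticate "
    "failed: User not known to the underlying authentication module",
    "Apr 30 11:36:04 mail saslauthd[14904]: AUTHFAIL: user=jdoe@example.org "
    "service=smtp realm=example.org [PAM auth error]",
    "Apr 30 11:40:10 mail saslauthd[14904]: AUTHFAIL: user=asmith "
    "service=smtp realm=example.org [PAM auth error]",
    "Apr 30 11:41:55 mail saslauthd[14904]: AUTHFAIL: user=bob@other.test "
    "service=imap realm= [PAM auth error]",
]


def realm_qualified_failures(lines):
    """Return AUTHFAIL records whose login already ends in '@<realm>'.

    These are the attempts where the PAM module is asked for 'user@realm'
    although the directory entry is keyed on the bare user name.
    """
    hits = []
    for line in lines:
        m = AUTHFAIL.search(line)
        if not m:
            continue  # DEBUG lines and other daemons' records
        user, realm = m["user"], m["realm"]
        local, sep, domain = user.rpartition("@")
        # Flag only when the suffix of the login equals the logged realm.
        if sep and realm and domain.lower() == realm.lower():
            hits.append({"login": user, "bare": local,
                         "service": m["service"], "reason": m["reason"]})
    return hits


if __name__ == "__main__":
    for hit in realm_qualified_failures(SAMPLE_LOG):
        print("{login}: PAM saw the realm-qualified login; "
              "directory lookup would need '{bare}' "
              "(service={service}, {reason})".format(**hit))
```

A failure that appears in this list but succeeds when tested with the bare name against the same PAM service points at the realm suffix rather than at the LDAP configuration.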






