Re: auxprop + saslauthd ?


Subject: Re: auxprop + saslauthd ?
From: Richard A Nelson (cowboy at vnet dot ibm dot com)
Date: Wed May 07 2003 - 17:14:19 EDT


On Wed, 7 May 2003, Simon Matter wrote:

> > cyrus-sasl2 2.1.12
> >
> > /usr/lib/sasl2/Sendmail.conf:
> > pwcheck_method: saslauthd auxprop
>
> it's
> sasl_pwcheck_method: saslauthd auxprop

You have that, and its working - this isn't imap ?!?

I'm trying to have sasl2 work like sasl1 did:
        1) use sasldb for encrypted password source
        2) use pam for plain/login password source
           and update entry in sasldb iff needed

I'm finding the manpages/documentation not very helpful :(

My complete file (/usr/lib/sasl2/Sendmail.conf)
auto_transition: true
pwcheck_method: saslauthd auxprop
auxprop_plugin: sasldb
allowanonymouslogin: 0
allowplaintext: 1
mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5

saslauthd -a pam

$ sasldblistusers2
sendmail at badlands dot lexington dot ibm dot com: userPassword

$ testsaslauthd -u cowboy -p <pwd>
0: OK "Success."

I'm plagued by these (for people not in sasldb)
sm-mta[412]: no secret in database

and having to enter the password (in pine) several times before it takes
(and verifies via PLAIN authentication).

It doesn't seem like autotransition is doing anything in this case :(
The doc suggests it only works in conjunction with auxprop.

using saslpasswd2 with the -n option looked promising, but all it
appears to do is suppress the entry via saslblistusers2!

What am I missing ?

-- 
Rick Nelson
I can saw a woman in two, but you won't want to look in the box when I do
'For My Next Trick I'll Need a Volunteer' -- Warren Zevon







Hosted Email Solutions

Invaluement Anti-Spam DNSBLs



Powered By FreeBSD   Powered By FreeBSD