- Previous message: Andrei Loukinykh: "Re: 2.1.17 with mysql quirks"
- In reply to: Prentice Bisbal: "PAM (Red Hat) saslauthd, and Cyrus IMAP"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
|
|
|
From: Simon Matter (simon dot matter at ch dot sauter-bc dot com)
Date: Thu Mar 11 2004 - 00:55:23 EST
> I'm having trouble authenticating to Cyrus IMAP. After having problems
> with salsdb2 and auxprop, I"m now trying to use saslauthd and pam so I
> can use the users' password from NIS.
>
> I can authenticate as myself, the cyrus admin, and the mupdate user fine
> with the cyradm command, but when I try to use imtest or connect from an
> IMAP mail client, I get reject, with the following entries in
> /var/log/auth.log
>
> Mar 10 15:40:18 pdb-mail-1 saslauthd[11318]: do_auth : auth
> failure: [user=mupdate] [service=mupdate] [realm=] [mech=pam]
> [reason=PAM auth error]
> Mar 10 15:40:18 pdb-mail-1 mupdate[11091]: Password verification failed
> Mar 10 15:40:50 pdb-mail-1 saslauthd[11319]: DEBUG: auth_pam:
> pam_authenticate failed: Authentication failure
> Mar 10 15:40:50 pdb-mail-1 saslauthd[11319]: do_auth : auth
> failure: [user=mupdate] [service=mupdate] [realm=] [mech=pam]
> [reason=PAM auth error]
> Mar 10 15:40:50 pdb-mail-1 mupdate[11091]: Password verification failed
> Mar 10 15:41:14 pdb-mail-1 saslauthd[11320]: DEBUG: auth_pam:
> pam_authenticate failed: Authentication failure
> Mar 10 15:41:14 pdb-mail-1 saslauthd[11320]: do_auth : auth
> failure: [user=mupdate] [service=mupdate] [realm=] [mech=pam]
> [reason=PAM auth error]
> Mar 10 15:41:14 pdb-mail-1 mupdate[11091]: Password verification faile
>
> The relevant config files are below
>
>
> --
> Prentice Bisbal
> Computer System Administrator
> Protein Data Bank
> Rutgers University
>
>
> # more /etc/imapd.conf
> configdirectory: /var/lib/imap
> partition-default: /var/cyrus/spool/imap
> admins: cyrus mupdate
> sievedir: /var/cyrus/lib/imap/sieve
> sendmail: /usr/sbin/sendmail
> hashimapspool: true
> #sasl_pwcheck_method: auxprop
> sasl_pwcheck_method: saslauthd
> sasl_mech_list: PLAIN
> tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem
> tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem
> tls_ca_file: /usr/share/ssl/certs/ca-bundle.crt
> mupdate_config: replicated
> mupdate_server: pdb-mupdate.rutgers.edu
> mupdate_username: mupdate
> mupdate_authname: mupdate
> mupdate_password: XXXXXXXX
>
> # more /etc/sysconfig/saslauthd
> MECH=pam
> FLAGS="-n=5"
>
> more /etc/pam.d/imap
> #%PAM-1.0
> auth required pam_stack.so service=system-auth
> account required pam_stack.so service=system-auth
You need /etc/pam.d/mupdate usually with the same config than
/etc/pam.d/imap.
HTH
Simon
>
>
>
>
|
|
|