Solved: Virtual users setup

(no email)
Date: Tue May 17 2005 - 17:45:11 EDT

  • Next message: Bill MacAllister: "Re: Solved: Virtual users setup"

    Note:

    My solution, described below, is only a solution for "virtual users".
    I still haven't found any docs/info about configuring Cyrus for
    multiple "virtual domains".

    Well, I found this:
    http://asg.web.cmu.edu/cyrus/download/imapd/install-virtdomains.html

    But that seems to require me to have a machine with multiple IPs/NICs.

    Can one configure Cyrus to handle multiple virtual domains on a machine
    with just 1 IP?

    Thanks,
    Otis

    --- wrote:

    > Here is my solution (plain text password passing only.....hm):
    >
    > 1. /etc/imapd.conf:
    >
    > sasl_pwcheck_method: auxprop # NOT saslauthd
    > sasl_mech_list: PLAIN
    > allowplaintext: yes
    >
    > 2. service saslauthd stop # saslauthd is not needed
    >
    > 3. /etc/pam.d/imap:
    >
    > #%PAM-1.0
    > auth required /lib/security/pam_stack.so
    > service=system-auth
    > #account required /lib/security/pam_stack.so
    > service=system-auth
    > ## the account line would require a real system/UNIX account
    > ## the auth line lets me create "virtual users"
    >
    > 4. create users / passwords in sasldb2:
    >
    > # saslpasswd2 -c feedback
    > Password:
    > Again (for verification):
    >
    > # sasldblistusers2
    > feedback at localhost dot localdomain: userPassword
    >
    > 5. test username / password:
    >
    > # /usr/lib/cyrus-imapd/imtest -a feedback -w PASSWORDHERE localhost
    > S: * OK localhost.localdomain Cyrus IMAP4
    > v2.2.6-Invoca-RPM-2.2.6-2.FC3.6 server ready
    > C: C01 CAPABILITY
    > S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
    > NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND
    > BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE
    > STARTTLS LISTEXT LIST-SUBSCRIBED X-NETSCAPES: C01 OK Completed
    > C: L01 LOGIN feedback {12}
    > S: + go ahead
    > C: <omitted>
    > S: L01 OK User logged in
    > Authenticated.
    > Security strength factor: 0
    > C: Q01 LOGOUT
    > Connection closed.
    >
    >
    >
    > So that works without actually having "feedback" system user:
    >
    > # finger feedback
    > finger: feedback: no such user.
    >
    >
    > Now ... this uses plain-text passwords, from what I understand. I
    > assume that refers to how they are stored in /etc/sasldb2 - Oh, yes,
    > "strings /etc/sasldb2" shows them all very clearly! :(((
    >
    > Hm, how does one go about encrypting that...
    >
    > Thanks,
    > Otis 

    ---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
  • Next message: Bill MacAllister: "Re: Solved: Virtual users setup"





    Hosted Email Solutions

    Invaluement Anti-Spam DNSBLs



    		Powered By FreeBSD   Powered By FreeBSD