- Previous message: Bill MacAllister: "Re: Solved: Virtual users setup"
- Maybe in reply to: (no email): "Solved: Virtual users setup"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
|
|
|
From: Sun Advocate Webmaster (no email)
Date: Tue May 17 2005 - 18:55:09 EDT
I haven't exactly been following this topic, so forgive me if this has
already been mentioned, or if I'm missing the issue, but I have
'virtdomains: userid' (versus virtdomains: yes) in my imapd.conf, and it
allows multiple domains on one IP. I have 4 or 5 domains (virtual setup)
on our server, and it runs just fine.
Jason
wrote:
> Note:
>
> My solution, described below, is only a solution for "virtual users".
> I still haven't found any docs/info about configuring Cyrus for
> multiple "virtual domains".
>
> Well, I found this:
> http://asg.web.cmu.edu/cyrus/download/imapd/install-virtdomains.html
>
> But that seems to require me to have a machine with multiple IPs/NICs.
>
> Can one configure Cyrus to handle multiple virtual domains on a machine
> with just 1 IP?
>
> Thanks,
> Otis
>
>
> --- wrote:
>
>
>>Here is my solution (plain text password passing only.....hm):
>>
>>1. /etc/imapd.conf:
>>
>> sasl_pwcheck_method: auxprop # NOT saslauthd
>> sasl_mech_list: PLAIN
>> allowplaintext: yes
>>
>>2. service saslauthd stop # saslauthd is not needed
>>
>>3. /etc/pam.d/imap:
>>
>>#%PAM-1.0
>>auth required /lib/security/pam_stack.so
>>service=system-auth
>>#account required /lib/security/pam_stack.so
>>service=system-auth
>>## the account line would require a real system/UNIX account
>>## the auth line lets me create "virtual users"
>>
>>4. create users / passwords in sasldb2:
>>
>># saslpasswd2 -c feedback
>>Password:
>>Again (for verification):
>>
>># sasldblistusers2
>>feedback at localhost dot localdomain: userPassword
>>
>>5. test username / password:
>>
>># /usr/lib/cyrus-imapd/imtest -a feedback -w PASSWORDHERE localhost
>>S: * OK localhost.localdomain Cyrus IMAP4
>>v2.2.6-Invoca-RPM-2.2.6-2.FC3.6 server ready
>>C: C01 CAPABILITY
>>S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
>>NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND
>>BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE
>>STARTTLS LISTEXT LIST-SUBSCRIBED X-NETSCAPES: C01 OK Completed
>>C: L01 LOGIN feedback {12}
>>S: + go ahead
>>C: <omitted>
>>S: L01 OK User logged in
>>Authenticated.
>>Security strength factor: 0
>>C: Q01 LOGOUT
>>Connection closed.
>>
>>
>>
>>So that works without actually having "feedback" system user:
>>
>># finger feedback
>>finger: feedback: no such user.
>>
>>
>>Now ... this uses plain-text passwords, from what I understand. I
>>assume that refers to how they are stored in /etc/sasldb2 - Oh, yes,
>>"strings /etc/sasldb2" shows them all very clearly! :(((
>>
>>Hm, how does one go about encrypting that...
>>
>>Thanks,
>>Otis
>
>
> ---
> Cyrus Home Page: http://asg.web.cmu.edu/cyrus
> Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>
--- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
|
|
|