Re: Does Proxy User Work?

• Previous message: test-spam: "testing unsubscribed post to info-cyrus list"
• Maybe in reply to: John C. Amodeo: "Does Proxy User Work?"
• Next in thread: Patrick Radtke: "Re: Does Proxy User Work?"
• Reply: Patrick Radtke: "Re: Does Proxy User Work?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

How about backing up the ldap directory, resetting the passwords to a
known (to you) password, do the transition, and restore the directory?

If thats not possible, how about setting up a new temporary directory
with your user accounts and the known password, temporarily point cyrus
to it until after the transition, then point it back?

Thanks,
Tim

John C. Amodeo wrote:

> I've been researching a way to proxy as another user for 2 days
> without luck. It seems that Cyrus/SASL has the ability to take a
> proxy command, but I cannot find any feasible application of it. I
> need help.
>
> Here's the situation:
>
> I need to migrate 4 legacy Cyrus 2.0.17 servers to a new Cyrus 2.1.15
> server. For multiple reasons, I would rather perform the migration
> via imap using a sync utility like imapsync (or the equivalent) rather
> than trying to merge the 4 servers through a manual upgrade /
> reconstruct.
>
> I need to be able to "login" as a normal user, say Bob Smith, as the
> Cyrus superuser using Cyrus's credentials. If not, it will be a
> nightmare (and a bad practice) to collect my user's id's and passwords
> to run the conversion... I would love to work in batch mode where I
> would only need to supply userid (of the user) and then the cyrus
> super account credentials (or equivalent...)
>
> I'm reading all over the place about the difference between authcid
> and authzid, proxyservers: cyrus, etc. etc. but can't find any true
> application for how this might work in real life. I've tried every
> manageable combination of command line arguments with imtest to no
> avail...
>
> Both my 2.0.16 boxes and my 2.1.15 box authenticate against a central
> LDAP directory using sasl_mech_list: PLAIN.
>
> Does anyone have any ideas or suggestions? I really want to avoid
> hacking the SASL code to take a "master" password for any user.
>
> Thanks in advance.
>
> -John
>

---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

• Previous message: test-spam: "testing unsubscribed post to info-cyrus list"
• Maybe in reply to: John C. Amodeo: "Does Proxy User Work?"
• Next in thread: Patrick Radtke: "Re: Does Proxy User Work?"
• Reply: Patrick Radtke: "Re: Does Proxy User Work?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]