From: Mike Partyka (no email)
Date: Mon Aug 08 2005 - 09:13:25 EDT
On Aug 8, 2005, at 12:14 AM, Simon Matter wrote:
>> I had a working cyrus-imapd installation and had successfully added
>> an account in the following way.
>>
>> # First set password for cyrus account
>> saslpasswd cyrus
>>
>
> With your config below, I don't thing you are using sasldb. So why
> set a
> password in sasldb/sasldb2?
The mail server i am using is a project called open-xchange and i
believe sasl is being used as a medium to communicate with ldap, here
are two files that make this communication possible through the
saslauthd daemon. I the case of the cyrus user however i think this
is stored in the sasldb and used strictly for administering the cyrus
imapd service and more specifically for creating mailboxes
# /etc/saslauthd.conf
ldap_servers: ldap://ox-domain.tld:389/
ldap_bind_dn: cn=Manager,dc=ox-domain,dc=tld
ldap_bind_pw: ldapsecretpassword
ldap_search_base: dc=ox-domain,dc=tld
# /etc/conf.d/saslauthd
#SASLAUTHD_OPTS="${SASLAUTH_MECH} -a pam"
SASLAUTH_MECH=ldap
SASLAUTHD_OPTS="-a ${SASLAUTH_MECH}"
>
>
>>
>> # Using the cyrus account i initially used the command line below to
>> create an initial account.
>> cyradm -u cyrus mydomain.com
>> mydomain>cm myself
>>
>
> With your config below, I think you may wynt to create a mailbox with
> cm user.myself
Once the authentication completes this is how i would proceed to
making a new mailbox
>
>
>> mydomain>exit
>>
>> # Today i attempted to create another mailbox and got the following
>> error.
>> myself at sand ~ $ cyradm -user cyrus mydomain.com
>>
>
> I'm quite sure you have changed your config now.
>
>
>> IMAP Password:
>> Login failed: authentication failure at /usr/lib/
>> perl5/
>> site_perl/5.8.6/i686-linux/Cyrus/IMAP/Admin.pm line 118
>> cyradm: cannot authenticate to server with as cyrus
>>
>> # The /var/log/messages file just reiterates the failure to
>> authenticate so really doesn't tell me anything i didn't know
>>
>
> And what does it tell you?
Here is a chunk of logging relating to the login failure, it doesn't
seem very helpful to me but maybe you'll get something more from it.
Aug 8 07:09:48 sand imap[14154]: badlogin: sand.mydomain.com
[192.168.0.3] plaintext cyrus SASL(-13): authentication failure:
checkpass failed
Aug 8 07:10:32 sand imap[14154]: badlogin: sand.mydomain.com
[192.168.0.3] plaintext cyrus SASL(-13): authentication failure:
checkpass failed
Aug 8 07:11:30 sand imap[14154]: badlogin: sand.mydomain.com
[192.168.0.3] plaintext cyrus SASL(-13): authentication failure:
checkpass failed
Aug 8 07:13:20 sand imap[14195]: badlogin: sand.mydomain.com
[192.168.0.3] plaintext cyrus SASL(-13): authentication failure:
checkpass failed
Aug 8 07:16:50 sand imap[14203]: badlogin: localhost [127.0.0.1]
plaintext cyrus SASL(-13): authentication failure: checkpass failed
Aug 8 07:21:01 sand ctl_cyrusdb[14221]: checkpointing cyrus databases
>
> In fact I don't think anybody can help you with this kind of
> information.
I am not very familiar with Cyrus and am not sure what would be
helpful here but would be happy to provide almost anything you
suggest? i have only one other working user and i have considered
dumping the /etc/sasl2/sasldb2 file which is i believe where the
cyrus user's authentication info is located. Do you think this would
let me recreate the cyrus account in the sasldb?
>
> Simon
>
>
>>
>> # I have reset/recreated the cyrus account and password with the
>> saslpasswd2 command but i continue to get the error above though i
>> know i am using the correct password i just can't authenticate to the
>> server mydomain.com
>>
>> Can anyone give me some pointers as to what might need to be done in
>> order for me to be able to login to mydomain.com using the cyrus
>> account?
>>
>> Here is my /etc/imapd.conf
>>
>> # Use this if sieve-scripts could be in ~user/.sieve.
>> #sieveusehomedir: yes
>>
>> # Use saslauthd if you want to use pam for imap.
>> # But be warned: login with DIGEST-MD5 or CRAM-MD5
>> # is not possible using pam.
>> sasl_pwcheck_method: saslauthd
>> lmtp_downcase_rcpt: yes
>>
>> ####################################################
>> ## This is a recommended authentication method if you
>> ## emerge cyrus-sasl with 'postgres' or 'mysql'
>> ## To use with mysql database uncomment those lines below.
>>
>> #sasl_pwcheck_method: auxprop
>> #sasl_auxprop_plugin: sql
>>
>> ## possible values for sasl_auxprop_plugin 'mysql', 'pgsql',
>> 'sqlite'.
>> #sasl_sql_engine: mysql
>>
>> ## all possible values.
>> sasl_mech_list: PLAIN
>> ## or limit to CRAM-MD5 only
>> #sasl_mech_list: CRAM-MD5
>>
>> ## change below to suit your setup.
>> sasl_sql_user: mailsqluser
>> sasl_sql_passwd: password
>> sasl_sql_database: mailsqldb
>> sasl_sql_hostnames: localhost
>> sasl_sql_select: SELECT clear FROM users WHERE email = '%u@%r'
>>
>> Thanks in Advance for any help!
>>
>> Michael W. Partyka
>> Jumpnode Systems, LLC
>> Systems Administrator
>> 612.605.5056 Desk
>>
>>
>
>
Mike Partyka
Jumpnode Systems, LLC
Systems Administrator
(612)605-5056 Desk
(612)605-5099 Fax
--- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
|
|
|