From: Edward Rudd (no email)
Date: Wed Oct 05 2005 - 10:21:59 EDT
On Wed, 2005-10-05 at 01:31 -0500, Marcus I. Ryan wrote:
> I've set up SASL with an LDAP backend that checks for a user in either
> the ou of the SASL realm, or the ou matching their domain (so
> as the username or user with domain.tld as the realm).
>
> I got it working using testsaslauthd, but when I try it through IMAP it
> appears IMAP strips the domain from the userid before it passes it to
> SASL, and doesn't pass it as a realm. I can handle it either way
> (passing a username of or having it passed in as a
> userid and a realm), but it doesn't seem to do either. Am I missing a
> setting/configuration option, or does this require some kind of code
> patch?
[snip]
>
> Any thoughts are appreciated. Thanks.
What version of SASL are you using? What version of Cyrus IMAP?
Are you using %u and %f in the ldap_filter configuration in
saslauthd,.conf? The userid is sent in %u and the realm (domain) in %r.
(this is in cyrus sasl version 2.1.20, cyrus imapd 2.2.12)
Also try setting the virtdomains: userid in /etc/imapd.conf (if using
cyrus 2.2.x) That will ensure that cyrus sends the whole userid to
sasl.
-- Edward Rudd <> ---- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
|
|
|