Re: anthentication problem

From: Andrew Morgan (no email)
Date: Fri Sep 07 2007 - 13:21:19 EDT

Next message: David Newman: "struct_et_list warnings with 2.3.9"

Previous message: Guillaume Nadot: "anthentication problem"
In reply to: Guillaume Nadot: "anthentication problem"
Next in thread: Guillaume Nadot: "Re: anthentication problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Fri, 7 Sep 2007, Guillaume Nadot wrote:

> Dear list,
>
> The problem is that I cannot use the email address of the user to perform
> their logins.
>
> Let me explain :
>
> I have succesfully setup cyrus with virtual domains,
> I use sasl with pam for the authentication,
> pam use ldap and use the email adress of the user as pam_login_attribute (
> pam_login_attribute mail in /etc/ldap.conf ).
>
> When I run the command testsaslauthd -u -p password, it returns
> 0: OK "Success."
>
> When I want to perform a login on cyrus, it fails here is the log :
> Sep 7 15:50:40 imaptest pop3[5130]: badlogin: [192.168.34.208] plaintext
> SASL(-13): authentication failure: checkpass failed.
>
> If I try to log on cyrus using @truc.com, I can see this in the
> logs :
> Sep 7 15:52:30 imaptestfrontend1 pop3[5135]: login: [192.168.34.208]
> @truc.com plaintext User logged in
> Sep 7 15:52:33 imaptestfrontend1 pop3[5135]: Unable to locate maildrop
> truc.com!: Invalid mailbox name
>
> The problem seems to be that when the user tries to authenticate, cyrus splits
> the login in two parts : the username and the domain, and tries to
> authenticate the user only with the local part of the mail adress.
>
> Is there anyway to telle cyrus not to split the login when passing the
> username to sasl ?
>
> I'm using cyrus-imapd 2.3.7. on a RedHat 5 EL.
>
> Here is my imapd.conf :
>
> configdirectory: /var/lib/imap
> partition-default: /var/spool/imap
> admins: cyrus
> sievedir: /var/lib/imap/sieve
> sendmail: /usr/sbin/sendmail
> hashimapspool: true
> sasl_pwcheck_method: saslauthd
> sasl_mech_list: PLAIN
> tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
> tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
> tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
>
> virtdomains: userid

Try starting saslauthd with the "-r" argument.

Andy

----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Next message: David Newman: "struct_et_list warnings with 2.3.9"

Previous message: Guillaume Nadot: "anthentication problem"
In reply to: Guillaume Nadot: "anthentication problem"
Next in thread: Guillaume Nadot: "Re: anthentication problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Invaluement Anti-Spam DNSBLs