Re: anthentication problem

From: Guillaume Nadot (no email)
Date: Mon Sep 10 2007 - 09:05:59 EDT

  • Next message: Gary Mills: "Murder works wonderfully but alarms users"

    On Friday 07 September 2007 19:21:19 Andrew Morgan wrote:
    > On Fri, 7 Sep 2007, Guillaume Nadot wrote:
    > > Dear list,
    > >
    > > The problem is that I cannot use the email address of the user to perform
    > > their logins.
    > >
    > > Let me explain :
    > >
    > > I have succesfully setup cyrus with virtual domains,
    > > I use sasl with pam for the authentication,
    > > pam use ldap and use the email adress of the user as pam_login_attribute
    > > ( pam_login_attribute mail in /etc/ldap.conf ).
    > >
    > > When I run the command testsaslauthd -u -p password, it
    > > returns 0: OK "Success."
    > >
    > > When I want to perform a login on cyrus, it fails here is the log :
    > > Sep 7 15:50:40 imaptest pop3[5130]: badlogin: [192.168.34.208] plaintext
    > > SASL(-13): authentication failure: checkpass failed.
    > >
    > > If I try to log on cyrus using @truc.com, I can see this in
    > > the logs :
    > > Sep 7 15:52:30 imaptestfrontend1 pop3[5135]: login: [192.168.34.208]
    > > @truc.com plaintext User logged in
    > > Sep 7 15:52:33 imaptestfrontend1 pop3[5135]: Unable to locate maildrop
    > > truc.com!: Invalid mailbox name
    > >
    > > The problem seems to be that when the user tries to authenticate, cyrus
    > > splits the login in two parts : the username and the domain, and tries to
    > > authenticate the user only with the local part of the mail adress.
    > >
    > > Is there anyway to telle cyrus not to split the login when passing the
    > > username to sasl ?
    > >
    > > I'm using cyrus-imapd 2.3.7. on a RedHat 5 EL.
    > >
    > > Here is my imapd.conf :
    > >
    > > configdirectory: /var/lib/imap
    > > partition-default: /var/spool/imap
    > > admins: cyrus
    > > sievedir: /var/lib/imap/sieve
    > > sendmail: /usr/sbin/sendmail
    > > hashimapspool: true
    > > sasl_pwcheck_method: saslauthd
    > > sasl_mech_list: PLAIN
    > > tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
    > > tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
    > > tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
    > >
    > > virtdomains: userid
    >
    > Try starting saslauthd with the "-r" argument.
    >
    > Andy

    Thanks, it works now.

    As testsaslauthd was working, I didn't think saslauthd was the problem.

    -
    Guillaume Nadot
    System Engineer
    CIRB - CIBG

    ----
    Cyrus Home Page: http://cyrusimap.web.cmu.edu/
    Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
    List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
    

  • Next message: Gary Mills: "Murder works wonderfully but alarms users"





    Hosted Email Solutions

    Invaluement Anti-Spam DNSBLs



    Powered By FreeBSD   Powered By FreeBSD