cyradm: cannot authenticate to server

From: brian (no email)
Date: Sun Apr 06 2008 - 17:32:53 EDT

Next message: brian: "Re: cyradm: cannot authenticate to server"

Previous message: Alain Spineux: "Re: patch to force cyrus to reload its configuration in a more rigorous way"
Next in thread: brian: "Re: cyradm: cannot authenticate to server"
Maybe reply: brian: "Re: cyradm: cannot authenticate to server"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I'm attempting to move from one server to another and have begun
replicating the set-up on the new box but am running into problems. I
want to set up authentication through sasldb and TLS (though the TLS
postfix stuff is all commented out for now).

I'm trying to set up authentication through sasldb2. I have assigned a
both system and saslpasswd2 passwords to the cyrus user. When i su -
cyrus from root and try:

cyradm --user cyrus --server localhost

I'm prompted for both "password" and "IMAP password". I guessed the
first is the system one so used that first, then the one assigned using
saslpasswd2. I see the following:

Login failed: authentication failure at
/usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/Cyrus/IMAP/Admin.pm
line 119
cyradm: cannot authenticate to server with as cyrus

If i append "--auth plain" as some docs online suggest, I see the same
error, with "with plain as cyrus".

Why do i see a prompt for both "password" and "IMAP password"? I'm sure
I've never seen that before.

The following are what I have right now:

installed (RPM):
cyrus-sasl-2.1.22-8.fc7
cyrus-sasl-lib-2.1.22-8.fc7
cyrus-sasl-devel-2.1.22-8.fc7
cyrus-sasl-plain-2.1.22-8.fc7
cyrus-sasl-md5-2.1.22-8.fc7
postfix-2.5.1-1.sasl2.spf.fc7

saslauthd is stopped

/usr/lib/sasl2/smtpd.conf:

pwcheck_method: auxprop
mech_list: PLAIN LOGIN

I will be adding DIGEST-MD5 to the mech list once i make a little headway.

/etc/imapd.conf:

configdirectory: /var/lib/imap
partition-default: /var/spool/imap
admins: cyrus
sievedir: /var/lib/imap/sieve
sendmail: /usr/sbin/sendmail
hashimapspool: true
unixhierarchysep: no
altnamespace: yes
sasl_pwcheck_method: auxprop
sasl_auxprop_plugin: sasldb
sasl_mech_list: PLAIN LOGIN
#tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
#tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
#tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
defaultdomain: MYDOMAIN
virtdomains: userid
loginrealms: MYDOMAIN
allowplaintext: 1

/etc/pam.d/imap
#%PAM-1.0
auth include system-auth
account include system-auth

I know that pwcheck_method is not pam but is there some other place I
need to check to ensure this is the case? I've been banging my head on
this all afternoon and I'm losing track of which config files are
important to what part of the process.

----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Next message: brian: "Re: cyradm: cannot authenticate to server"

Previous message: Alain Spineux: "Re: patch to force cyrus to reload its configuration in a more rigorous way"
Next in thread: brian: "Re: cyradm: cannot authenticate to server"
Maybe reply: brian: "Re: cyradm: cannot authenticate to server"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Invaluement Anti-Spam DNSBLs