Atif Ghaffar wrote:

> What do you have in your pam configuration?
>
> Does a user called philou exist?
> Can you do a
> ldapsearch uid=philou
>
> Can you bind as this user?
> ldapsearch -D "dn of user philou" -w "passwordOfUserPhilou" uid=*
>
> You said
> "i'v an admin cyrus user in openldap "
> but your imap.conf says
> "admins: philou"
>
> So who is admin? "cyrus" or "philou"?
>
> Any lines about pam_ldap in syslog messages?
>
> Let me know if you need more help.
>

In fact, I have two Linux boxes.

I crashed the first one (1st message) and went back to the Debian package of Cyrus
...


So,
with this:

root@zarma:/root# dpkg -l |grep cy
ii  cyrus-admin    1.5.19-2       Cyrus mail system (administration tool)
ii  cyrus-common   1.5.19-2       Cyrus mail system (common files)
ii  cyrus-dev      1.5.19-2       Cyrus mail system (developer files)
ii  cyrus-imapd    1.5.19-2       Cyrus mail system (IMAP support)

and a manual installation of openldap-2.0.7

-----------------------------------

configdirectory: /var/lib/cyrus
defaultpartition: default
partition-default: /var/spool/cyrus/mail

partition-news: /var/spool/cyrus/news
newsspool: /var/spool/news

admins:philou

# No anonymous logins
anonymouslogins: no

# Minimum time between POP mail fetches in minutes
popminpoll: 1

# umask used by Cyrus programs
umask: 077

----------------------------------------

zarma:/usr/local# /usr/local/libexec/slapd

my openldap people :
root@zarma:~#  ldapsearch -x -L -b "dc=filou, dc=my" -W "(objectclass=*)"
Enter LDAP Password:

version: 1

#
# filter: (objectclass=*)
# requesting: ALL
#

# filou, dc=my
dn: dc=filou, dc=my
objectClass: dcObject
objectClass: organization
dc: filou.my
o: filou.my

# staff, dc=filou, dc=my
dn: ou=staff, dc=filou, dc=my
objectClass: organizationalUnit
ou: staff

# philou,dc=filou, dc=my
dn: cn=philou,dc=filou, dc=my
cn: philou
sn: philou
mail: [EMAIL PROTECTED]
userPassword:: Zmlsb3U=
uid: philou
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: account
objectClass: posixAccount
objectClass: uidObject

# phil,dc=filou, dc=my
dn: cn=phil,dc=filou, dc=my
cn: phil
sn: phil
mail: [EMAIL PROTECTED]
userPassword:: cGhpbA==
uid: phil
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: account
objectClass: posixAccount
objectClass: uidObject

# fil,dc=filou, dc=my
dn: cn=fil,dc=filou, dc=my
cn: fil
sn: fil
mail: [EMAIL PROTECTED]
userPassword:: Zmls
uid: fil
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: account
objectClass: posixAccount
objectClass: uidObject

# root,dc=filou, dc=my
dn: cn=root,dc=filou, dc=my
cn: root
sn: root
mail: [EMAIL PROTECTED]
userPassword:: cm9vdA==
uid: root
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: account
objectClass: posixAccount
objectClass: uidObject

# toto,dc=filou, dc=my
dn: cn=toto,dc=filou, dc=my
cn: toto
sn: toto
mail: [EMAIL PROTECTED]
userPassword:: dG90bw==
uid: toto
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: account
objectClass: posixAccount
objectClass: uidObject

# search result

# numResponses: 8
# numEntries: 7
root@zarma:~#

-------------------------------------------------

my link to pwcheck :
 l /etc/alternatives/pwcheck
lrwxrwxrwx    1 root     root           21 Mar  4 17:02 /etc/alternatives/pwcheck -> /usr/sbin/pwcheck_pam

-------------------------------------------------------

my /etc/pam_ldap.conf
#
# $Id: ldap.conf,v 1.8 1999/06/06 12:24:37 lukeh Exp $
#
# This is the configuration file for the LDAP nameservice
# switch library and the LDAP PAM module.
#
# To contact the author, mail [EMAIL PROTECTED]
#

# Your LDAP server.
host zarma

# The distinguished name of the search base.
#base dc=example,dc=net
base dc=filou,dc=my

# Use the V3 protocol to optimize searches
ldap_version 2

# NOTE: If you use these, be sure to chmod 600 this file
# for security reasons
#
# The distinguished name to bind to the server with.
# Optional: default is to bind anonymously.
#binddn cn=manager,dc=example,dc=net
#binddn cn=admin,dc=netjob-it,dc=com
#
# The credentials to bind with.
# Optional: default is no credential.
#bindpw secret
#bindpw filou218

# Filter to AND with uid=%s
#pam_filter objectclass=account

# The user ID attribute (defaults to uid)
pam_login_attribute uid

----------------------------------------------------
my /etc/pam.d/imap2 , imap , cyrus , pop ..

# PAM configuration file for Cyrus pwcheck

auth required pam_ldap.so
account required pam_ldap.so
password required pam_ldap.so
session required pam_ldap.so
#auth           required                pam_unix.so nullok
#account        required                pam_unix.so

-------------------------------------------


cyradm -u philou zarma
zarma password:
application-specific initialization failed: authentication failed
%

 tail -f /var/log/syslog
Mar  4 17:30:37 zarma imapd[9945]: connect from 192.168.1.1
Mar  4 17:30:39 zarma imapd[9945]: badlogin: zarma[192.168.1.1] plaintext philou cannot connect to pwcheck server




pwcheck is active as a daemon, IMAP Cyrus is in inetd ...

Thanks for your help.







>
> Philippe Izoret wrote:
> >
> > Hello.
> >
> > I've installed
> >
> > - cyrus-sasl-1.5.24 => ./configure --disable-krb4 --disable-gssapi --disable-cram --disable-digest --enable-pwcheck
> >
> > - openldap-2.0.7 => ./configure --with-cyrus-sasl
> >
> > - cyrus-imapd-2.0.12 => ./configure --with-dbdir=/usr/local/BerkeleyDB.3.2 --with-openssl=/usr/local/openssl-0.9.6
> >
> > i'v an admin cyrus user in openldap  ,
> > my /etc/imap.conf :
> > configdirectory: /var/imap
> > partition-default: /var/spool/imap
> > admins: philou
> > sasl_pwcheck_method: pam
> >
> > my /usr/lib/sasl/Cyrus.conf (which is a link to
> > /usr/local/lib/sasl/Cyrus.conf) :
> > pwcheck_method:PAM
> >
> > i run slapd , cyrus : /usr/cyrus/bin/master &
> >
> > => cyradm -u philou zarma
> > Please enter your password:
> > IMAP Password:
> >               Login failed: no mechanism available at
> > /usr/local/lib/site_perl/i386-linux/Cyrus/IMAP/Admin.pm line 78
> > cyradm: cannot authenticate to server with  as philou
> >
> > You see, I have two authentications ..
> > the first perhaps for OpenLDAP, the second for IMAP.
> >
> > What's wrong in the Perl mechanism ??
> >
> > my syslog :
> > Mar  4 12:58:48 zarma master[6445]: about to exec /usr/cyrus/bin/imapd
> > Mar  4 12:58:48 zarma service-imapd[6445]: executed
> > Mar  4 12:58:48 zarma imapd[6445]: accepted connection
> > Mar  4 12:58:50 zarma imapd[6445]: badlogin: zarma[192.168.1.1] PLAIN no mechanism available
> > Mar  4 12:58:57 zarma master[6275]: process 6445 exited, status 0
> >
> > Can I launch cyrus 2.0.12 via inetd ??
> >
> > Can you help me please ??
> >
> > Bye.
>
> --
> Atif Ghaffar
> Internet Development Manager
> 4unet AG/SA
>
> -------------------------.
>         +41 78 787 51 45 ¦ voice
>         +41 24 441 09 03 ¦ fax
>     http://www.4unet.net ¦ www
> http://atif.developer.ch ¦ homepage
>   [EMAIL PROTECTED] ¦ email
>
> Do you speak Unix?
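
The `userPassword::` lines in the ldapsearch output of the message above are base64, which in LDIF is only a transport encoding; a stored value is hashed only if it decodes to a `{SCHEME}` prefix such as `{SSHA}`. The following is an added example, not part of the original thread, that audits an LDIF export for values without a scheme prefix and never prints the values themselves; the sample entries and the function names are constructed for illustration.

```python
import base64
import re

SCHEME = re.compile(r"^\{([A-Za-z0-9_-]+)\}")  # e.g. {SSHA}, {CRYPT}

def unfold(text):
    """Join LDIF continuation lines (a leading space continues the previous line)."""
    lines = []
    for line in text.splitlines():
        if line.startswith(" ") and lines:
            lines[-1] += line[1:]
        else:
            lines.append(line)
    return lines

def audit(ldif_text):
    """Return (dn, scheme) per userPassword value; scheme is None when unprefixed."""
    findings, dn = [], None
    for line in unfold(ldif_text):
        attr, sep, rest = line.partition(":")
        if line.startswith("#") or not sep:
            continue  # comment, blank separator, or malformed line
        if rest.startswith(":"):  # "attr:: value" marks a base64-encoded value
            value = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
        else:
            value = rest.strip()
        if attr.lower() == "dn":
            dn = value
        elif attr.lower() == "userpassword":
            match = SCHEME.match(value)
            findings.append((dn, match.group(1).upper() if match else None))
    return findings

def _b64(s):
    return base64.b64encode(s.encode()).decode()

# Constructed sample entries (not the entries from the thread).
_hashed = _b64("{SSHA}constructedPlaceholderDigest")
SAMPLE_LDIF = "\n".join([
    "dn: cn=alice,dc=example,dc=net",
    "userPassword:: " + _hashed[:16],
    " " + _hashed[16:],  # folded continuation line
    "",
    "dn: cn=bob,dc=example,dc=net",
    "userPassword:: " + _b64("constructed-cleartext"),
    "",
    "dn: cn=carol,dc=example,dc=net",
    "userPassword: {CRYPT}constructedPlaceholder",
])
```

Entries reported with a scheme of `None` hold a password that anyone able to read the attribute can recover directly.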
