Re: cyrus + openldap + cyradm .

Pascal Pucci Sun, 04 Mar 2001 11:42:27 -0800
Hi.

> - cyrus-sasl-1.5.24 => ./configure  --disable-krb4 --disable-gssapi
> --disable-cram  --disable-digest  -
> -enable-pwcheck

try.

./configure --disable-cram --disable-scram --disable-digest
         --disable-krb4 --disable-gssapi
                   --with-pwcheck=pam
                             --with-pam
                             


> - openldap-2.0.7 => ./configure --with-cyrus-sasl

Do you want use sasldb or ldap.
If the answer is ldap : u have tow solutions :

ldap directly with a patch for cyrus-imap
or
pam-ldap (authentification pam with ldap)

If pam-ldap :

> - cyrus-imapd-2.0.12 => ./configure
> --with-dbdir=/usr/local/BerkeleyDB.3.2 --with-openssl=/usr/local/ope
> nssl-0.9.6

./configure --with-pwcheck=pam 

(U can use apache-ssl for webmail or continue with a secure imap port). 


> i'v an admin cyrus user in openldap  ,
> my /etc/imap.conf :
> configdirectory: /var/imap
> partition-default: /var/spool/imap
> admins: philou
> sasl_pwcheck_method: pam

yes.

> my /usr/lib/sasl/Cyrus.conf (which is a link to
> /usr/local/lib/sasl/Cyrus.conf) :
> pwcheck_method:PAM
> 
> 
> i run slapd , cyrus : /usr/cyrus/bin/master &
> 
> => cyradm -u philou zarma
> Please enter your password:
> IMAP Password:
>               Login failed: no mechanism available at
> /usr/local/lib/site_perl/i386-linux/Cyrus/IMAP/Admin.pm line 78
> cyradm: cannot authenticate to server with  as philou

For this : You have to make a saslpassword for cyrus :

as root : saslpasswd philou

cyradm -u philou zarma

If you want use pam_ldap :

* You have to configure /etc/pam_ldap.conf   
* Add a user philou in your ldap directory.
* configure /etc/pam.d/imap & pop (if u want).

auth        sufficient  pam_ldap.so 
account     sufficient  pam_ldap.so
password required       pam_ldap.so debug
session  required       pam_deny.so

To test authentification with ldap :

cyradm -m login -u philou zarma

If u have read and do as the documentation say, it should do.

Let me know if it run. 

bye
-- 
Pascal Pucci : [EMAIL PROTECTED]
Recommander un site à ses amis : http://www.BeeTell.com
Participer à la promotion du logiciel libre : http://www.linuxpien.org
http://www.pascalou.org, sur le portable : [EMAIL PROTECTED]
Re: cyrus + openldap + cyradm .

Reply via email to
