j> Well, there are still a lot of possibilities that haven't been ruled out
j> yet.
j> Is Cyrus configured to use PAM for authentication? It should have a line
j> in the /etc/imapd.conf file that says "sasl_pwcheck_method: pam"
Yep, it has.
j> You said the RADIUS server is configured correctly and works. Have you
j> confirmed that PAM (on the machine that Cyrus is installed on) is
j> correctly configured to authenticate IMAP and POP authentication
j> requests from the RADIUS server?
I think so, if Cyrus uses "pop3" and "imap" service names.
j> -Jules
j> On Fri, 2002-01-18 at 08:47, Pavel A Crasotin wrote:
>> So none knows why cyrus dont understand pam_radius reply?
>>
>> PAC> POP3:
>> PAC> # telnet localhost pop3
>> PAC> Trying ::1...
>> PAC> Trying 127.0.0.1...
>> PAC> Connected to localhost.
>> PAC> Escape character is '^]'.
>> PAC> +OK <[EMAIL PROTECTED]> Cyrus POP3 v2.0.16 server ready
>> PAC> user test
>> PAC> +OK Name is a valid mailbox
>> PAC> pass test
>> PAC> -ERR Invalid login
>> PAC> quit
>> PAC> +OK
>> PAC> Connection closed by foreign host.
>>
>> PAC> tcpdump does't catch any packet
>>
>> PAC> IMAP:
>> PAC> # imtest -m login -a test localhost
>> PAC> C: C01 CAPABILITY
>> PAC> S: * OK localhost.domain.ru Cyrus IMAP4 v2.0.16 server ready
>> PAC> S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS ID
>NO_ATOMI
>> PAC> C_RENAME UNSELECT MULTIAPPEND SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE
>> PAC> AUTH=DIGEST-MD5 AUTH=CRAM-MD5
>> PAC> S: C01 OK Completed
>> PAC> Password: test
>> PAC> C: L01 LOGIN test {4}
>> PAC> + go ahead
>> PAC> C: <omitted>
>> PAC> L01 NO Login failed: authentication failure
>> PAC> Authentication failed. generic failure
>> PAC> Security strength factor: 0
>> PAC> . logout
>> PAC> * BYE LOGOUT received
>> PAC> . OK Completed
>> PAC> Connection closed.
>>
>> PAC> And tcpdump shows:
>> PAC> # tcpdump host radiushost
>> PAC> tcpdump: listening on pcn0
>> PAC> 12:02:39.785085 localhost.domain.ru.hiq > radiushost.1645: rad-access-req 73 [
>> PAC> id 149] Attr[ User{test} Pass [|radius]
>> PAC> 12:02:39.817945 radiushost.1645 > localhost.domain.ru.hiq: rad-access-accept 2
>> PAC> 0 [id 149] (DF)
>>
>> PAC> And RADIATOR says user test has passed auth.
>>
>>
>> BT>> Regards,
>>
>> BT>> - Birger
>>
>> PAC> With respect,
>> PAC> Pavel A Crasotin
>> PAC> ____________________________________
>> PAC> OJSC SeverTransCom
>> PAC> 40/13 Sobinova, Yaroslavl, 150000, Russia
>> PAC> Tel/Fax: +7 (0852) 47-71-70, 47-69-49
>> PAC> +7 (0852) 72-17-28, 72-17-38
>>
>>
>>
>>
>>
>> With respect,
>> Pavel A Crasotin
>> ____________________________________
>> OJSC SeverTransCom
>> 40/13 Sobinova, Yaroslavl, 150000, Russia
>> Tel/Fax: +7 (0852) 47-71-70, 47-69-49
>> +7 (0852) 72-17-28, 72-17-38
>>
With respect,
Pavel A Crasotin
____________________________________
OJSC SeverTransCom
40/13 Sobinova, Yaroslavl, 150000, Russia
Tel/Fax: +7 (0852) 47-71-70, 47-69-49
+7 (0852) 72-17-28, 72-17-38
