On Mon, 29 Dec 2003, Oliver Jones wrote: > > Use > > ldap_filter: [EMAIL PROTECTED] > > > > The current version of sasl lib splits a 'fully qualified username' to > > userid and realm. I believe this is a wrong behavior because '@' is a > > valid userid character and the domain part is really not a realm > > identifier in such instances. > > > I've tried this. Unfortunately when someone doesn't provide a domain on > their login eg the "cyrus" admin user in commands like "./cyradm --user > cyrus localhost" it searches the LDAP repository for (uid=cyrus@). This > isn't what I want. I want Cyrus IMAPD to stop splitting the userid into > user/realm.
This happens if your interfaces on the email server do not have reverse lookup. Otherwise imapd will fully qualify all userids unless they are already fully qualified. I guess my previous response was not clear. imapd is not splitting the userid, sasl lib is. You will need to use an older version of cyrus-sasl, not sure which one. > > >From the docs it appears to me that "global" admin users (ie, ones who > can access any virtual domain have to be of the form "username". Where > as domain restricted admins are of the form "[EMAIL PROTECTED]". So > if I was to amend the cyrus "admin" user to be [EMAIL PROTECTED] it would > be restricted to the domain.tld domain. Right? > > Note that I am use the 2.2.2BETA distro. Would it be wiser to fetch a > more recent CVS snapshot? Does the CVS version correct this (I believe) > errant behaviour? Yes, although this behavior is not different. -- Igor
