Thanks for the response. Unfortunately, that's not my problem:
# mupdatetest -p 3905 -u mupdater 128.6.239.23 S: * AUTH "PLAIN" S: * STARTTLS
Prentice
Jim Levie wrote:
On Tue, 2004-02-17 at 15:59, Prentice Bisbal wrote:
Im setting up Cyrus on a SAN where /var/spool/imap is shared via the san. I'm using the unified-imap branch as suggested by Ken Murchison. Everything seems to be working except mupdate. When I try to create a mailbox, I get the following error
localhost.localdomain> cm user.prentice createmailbox: no authentication to server
I suspect it may be a SASL issue. I've tried the mupdate login names with and without the domain/realm appended to the username.
If it is the same problem I just found, then it is a SASL problem.
Feb 17 16:53:29 pdb-mail-1 imap[13192]: authentication to remote mupdate server failed: "undefined error!"^M
I don't know which version of Cyrus you are running, but that error is remarkably similar to what mupdate-client.c procduces on 2.2.3. I see that you are using sasldb2, which makes me think it may be the same problem I had.
What I found was that SASL is being too helpful in trying to use the strongest authentication method possible. If SASL was build with Kerberos support and you aren't using Kerberos that is the only method mupdate will try, which of course will fail. You can tell if this is the case by executing:
mupdatetest -p 3905 -u mupdater 128.6.239.23
and checking the "* AUTH" line for GSSAPI.
I don't see a way of limiting the mupdate server's allowable auth mechs in the imapd.conf, but I found that renaming the /usr/lib/sasl2/libgssapiv2* plugins and restarting Cyrus on the mupdate server is a workable solution.
--- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
