more helpful information ... I added allowplaintextlogins: 1 to impad.conf ...
[EMAIL PROTECTED] etc]# cyradm --user cyrus --auth login localhost IMAP Password: Login failed: authentication failure at /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi/Cyrus/IMAP/Admin.pm line 118 cyradm: cannot authenticate to server with login as cyrus [EMAIL PROTECTED] etc]# tail /var/log/maillog Feb 23 13:51:52 chipmunk master[22140]: about to exec /usr/lib/cyrus-imapd/imapd Feb 23 13:51:52 chipmunk master[22141]: about to exec /usr/lib/cyrus-imapd/pop3d Feb 23 13:51:52 chipmunk imap[22140]: executed Feb 23 13:51:52 chipmunk imap[22139]: executed Feb 23 13:51:52 chipmunk pop3[22141]: executed Feb 23 13:51:52 chipmunk imap[22138]: executed Feb 23 13:51:57 chipmunk imap[22131]: accepted connection Feb 23 13:51:57 chipmunk master[22143]: about to exec /usr/lib/cyrus-imapd/imapd Feb 23 13:51:57 chipmunk imap[22143]: executed Feb 23 13:52:04 chipmunk imap[22131]: badlogin: localhost.localdomain [127.0.0.1] plaintext cyrus SASL(-13): authentication failure: checkpass failed [EMAIL PROTECTED] etc]# cyradm --user cyrus --auth plain localhost Password: IMAP Password: Login failed: authentication failure at /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi/Cyrus/IMAP/Admin.pm line 118 cyradm: cannot authenticate to server with plain as cyrus [EMAIL PROTECTED] etc]# tail /var/log/maillog Feb 23 13:51:57 chipmunk imap[22131]: accepted connection Feb 23 13:51:57 chipmunk master[22143]: about to exec /usr/lib/cyrus-imapd/imapd Feb 23 13:51:57 chipmunk imap[22143]: executed Feb 23 13:52:04 chipmunk imap[22131]: badlogin: localhost.localdomain [127.0.0.1] plaintext cyrus SASL(-13): authentication failure: checkpass failed Feb 23 13:52:56 chipmunk imap[22136]: accepted connection Feb 23 13:53:01 chipmunk imap[22136]: badlogin: localhost.localdomain [127.0.0.1] PLAIN [SASL(-4): no mechanism available: security flags do not match required] Feb 23 13:53:07 chipmunk master[22121]: process 22131 exited, status 0 Feb 23 13:53:07 chipmunk master[22153]: about to exec /usr/lib/cyrus-imapd/imapd Feb 23 13:53:07 chipmunk imap[22153]: executed Feb 23 13:53:10 chipmunk imap[22136]: badlogin: localhost.localdomain [127.0.0.1] plaintext cyrus SASL(-13): authentication failure: checkpass failed I have looked at similiar threads regarding this issue on this list. It bounces back and forth bewtween config error and bug. The issue has never been answered definitively - is ths a config error or a bug? If I need to go back to a different version please let me know which one. If it is a config error ??? what ??? thanks Shelley Waltz On Mon, 23 Feb 2004, Shelley Waltz wrote: I cannot get the cyrus user to authenticate using either imtest or cyradm. I can authenticate all other normal users using imtest. I am using Simon's rpms for sasl and imap on RHES3. cyrus-sasl-2.1.17-2 cyrus-imapd-2.2.3-4 openldap-2.0.27-11 I am using LDAP authentication using saslauthd -ldap. The cyrus user in in the LDAP database as simpleSecurityObject which has uid and userPassword attributes. The password has been entered as clear,crypt and md5 and none work. Here are the outputs and config files ... user shelley ... an imap user works ... [EMAIL PROTECTED] text]# imtest -t "" -a shelley localhost S: * OK chipmunk.cabm.rutgers.edu Cyrus IMAP4 v2.2.3-Invoca-RPM-2.2.3-4 server ready C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE STARTTLS LISTEXT LIST-SUBSCRIBED X-NETSCAPE S: C01 OK Completed C: S01 STARTTLS S: S01 OK Begin TLS negotiation now verify error:num=18:self signed certificate TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits) C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE AUTH=PLAIN AUTH=LOGIN SASL-IR LISTEXT LIST-SUBSCRIBED X-NETSCAPE S: C01 OK Completed Please enter your password: C: A01 AUTHENTICATE PLAIN c2hlbGxleQBzaGVsbGV5AGxvbi8vbGF0 S: A01 OK Success (tls protection) Authenticated. Security strength factor: 256 C: Q01 LOGOUT Connection closed. user cyrus does not ... [EMAIL PROTECTED] text]# imtest -t "" -a cyrus localhost S: * OK chipmunk.cabm.rutgers.edu Cyrus IMAP4 v2.2.3-Invoca-RPM-2.2.3-4 server ready C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE STARTTLS LISTEXT LIST-SUBSCRIBED X-NETSCAPE S: C01 OK Completed C: S01 STARTTLS S: S01 OK Begin TLS negotiation now verify error:num=18:self signed certificate TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits) C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE AUTH=PLAIN AUTH=LOGIN SASL-IR LISTEXT LIST-SUBSCRIBED X-NETSCAPE S: C01 OK Completed Please enter your password: C: A01 AUTHENTICATE PLAIN Y3lydXMAY3lydXMAbnV0c0BjYWJt S: A01 NO authentication failure Authentication failed. generic failure Security strength factor: 256 Feb 23 11:53:50 chipmunk saslauthd[21680]: do_auth : auth failure: [user=cyrus] [service=imap] [realm=] [mech=ldap] [reason=Unknown] Feb 23 11:53:50 chipmunk imap[21637]: Password verification failed [EMAIL PROTECTED] text]# cyradm -u cyrus -a plain localhost Password: IMAP Password: Login failed: authentication failure at /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi/Cyrus/IMAP/Admin.pm line 118 cyradm: cannot authenticate to server with plain as cyrus Feb 23 11:54:48 chipmunk perl: No worthy mechs found Feb 23 11:54:52 chipmunk saslauthd[21681]: do_auth : auth failure: [user=cyrus] [service=imap] [realm=] [mech=ldap] [reason=Unknown] I am confused here - why does it ask twice for a password???????????? [EMAIL PROTECTED] etc]# more saslauthd.conf ldap_servers: ldap://localhost/ ldap_search_base: dc=cabm.rutgers,dc=edu ldap_bind_dn: cn=chipmunk,dc=cabm.rutgers,dc=edu ldap_bind_pw: xxxxx ldap_version: 3 ldap_timeout: 5 ldap_timelimit: 5 ldap_restart: yes ldap_scope: sub ldap_search_base: dc=cabm.rutgers,dc=edu ldap_auth_method: bind #ldap_filter: (|(uid=%u)(mail=%u)(alias=%u)) ldap_filter: (uid=%u) ldap_debug: 9 ldap_verbose: 1 ldap_ssl: no [EMAIL PROTECTED] etc]# more imapd.conf configdirectory: /usr/cyrus/imap partition-default: /usr/cyrus/spool/imap admins: cyrus sievedir: /usr/sieve sendmail: /usr/sbin/sendmail hashimapspool: true sasl_pwcheck_method: saslauthd sasl_mech_list: PLAIN LOGIN MD5 #tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem tls_cert_file: /usr/share/ssl/certs/server.pem #tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem tls_key_file: /usr/share/ssl/certs/server.pem #tls_ca_file: /usr/share/ssl/certs/ca-bundle.crt A clue as to what I am doing wrong is appreciated. I have seen similar threads, but no resolution. Shelley Waltz --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
