My server is Solaris 9, Cyrus IMAP 2.2.3, SASL 2.1.17, Postfix 2.0.18 and Squirrelmail 1.4.2. I cannot seem to figure out how authentication works between IMAPD and Squirrelmail, or authentication in general.

My imapd server is working (telnet to port 143, etc.). I can create users with Cyrus IMAP. I can't seem to figure out how to achieve authentication to IMAP. I compiled SASL with the fsl/pam/login/ldap/mysql options set to 'yes'. If I create a user 'test' via Unix with /etc/passwd & shadow and execute saslauthd -a shadow, I can log in via Squirrelmail but receive an error because Squirrelmail can't find the mailbox. If I create a user 'test' under cyradm, I can't log in via saslauthd -a shadow/pam/login/ldap/rimap/getpwent. I'm not interested in saslauthd -a shadow; if I understood Cyrus IMAP, you can create users' e-mail without adding Unix accounts and use a different authentication scheme.

Below are my imapd.conf and saslauthd.conf. If I need to add certain parameters, please specify which file(s) and give an example; I'm not familiar or experienced enough with SASL to comprehend "just add...parameters."

Thanks.

- Mike

imapd.conf
----------
# Warning: Do not use a trailing slash in paths!
configdirectory: /openpkg/var/imapd
partition-default: /home/imapd_users
admins: openpkg-r mike
defaultacl: openpkg-r lrswipcda
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN
sendmail: /openpkg/sbin/sendmail
lmtpsocket: /openpkg/var/imapd/socket/lmtp
unixhierarchysep: yes
#altnamespace: yes
allowanonymouslogin: no
allowplaintext: yes
servername: server01.rr.com
autocreatequota: 10000
reject8bit: no
quotawarn: 90
timeout: 30
defaultdomain: rr.com
virtdomains: on
#virtdomains: off
#virtdomains: userid

saslauthd.conf
--------------
# white space separated list of LDAP servers
#ldap_servers: ldap://127.0.0.1
ldap_servers: ldap://192.168.2.3

# authentication for restricted LDAP servers
#ldap_bind_dn: cn=operator,ou=Profile,o=foo.com
#ldap_bind_pw: secret

# LDAP version to use (2|3)
#ldap_version 3

# LDAP timeout
#ldap_timeout 5

# LDAP aliases (search|find|always|never)
ldap_deref: never

# follow LDAP referrals ?
ldap_referrals: no

# restart LDAP I/O operations that fail ?
ldap_restart: yes

# search scope (sub|one|base)
#ldap_scope: sub

# starting point for a search
ldap_search_base: MUST-SPECIFY

# authenticate against LDAP (bind|custom|fastbind)
ldap_auth_method: bind

# Filter LDAP records, %u = username, %r = realm
# if ldap_auth_method is 'bind' the filter searches for the DN
# otherwise the filter searches for the userPassword attribute
#ldap_filter: uid=%u

# debugging LDAP operation
#ldap_debug 0

# require and verify server certificate
#ldap_tls_check_peer: no
#ldap_tls_cacert_file:
#ldap_tls_cacert_dir:

# list of SSL/TLS ciphers to allow
#ldap_tls_ciphers: DEFAULT

# files containing client certificate and key
#ldap_tls_cert:
#ldap_tls_key:

# my attempts
mechanisms="sasldb shadow pam ldap"

---
Home Page: http://asg.web.cmu.edu/cyrus
Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html