On Wed, 8 Dec 2004, Thomas Vogt wrote:
Hi
I'm very confused with sasl and cyrus. All my users are in a ldap database.
I can't authenticate with imtest. I searched the mailing list archiv.
My enviroment ist very basic.
my saslauth.conf ldap_servers: ldap://soho ldap_search_base: ou=people,ou=lan,dc=lan,dc=ch ldap_filter: (|(uid=%u)(mailacceptinggeneralid=%u))
My ldap works.
soho# testsaslauthd -u sohotest -p testsoho 0: OK "Success.
But when I try to do imtest it doesn't work
soho# imtest -m plain -a sohotest -w testsoho WARNING: no hostname supplied, assuming localhost
S: * OK soho Cyrus IMAP4 v2.2.10 server ready C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE LISTEXT LIST-SUBSCRIBED S: C01 OK Completed C: A01 AUTHENTICATE PLAIN S: A01 NO encryption needed to use mechanism Authentication failed. generic failure Security strength factor: 0
and the logfile shows: Dec 8 12:33:35 soho imap[52411]: badlogin: localhost [127.0.0.1] PLAIN [SASL(-16): encryption needed to use mechanism: security flags do not match required]
imapd.conf: configdirectory: /var/imap partition-default: /var/spool/imap servername: soho singleinstancestore: true hashimapspool: true fulldirhash: true admins: admin sasl_pwcheck_method: saslauthd sasl_minimum_layer: 0 sasl_maximum_layer: 1 sasl_mech_list: PLAIN
I don't need strong encryption. The password is not stored as plaintext in the ldap database.
Do you need more informationen? Can anyone help me with this problem?
Try adding:
# Allow plaintext logins by default (SASL PLAIN) allowplaintext: yes
to your imapd.conf.
Andy --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
