Hello,

I use cyrus-imapd 2.2.10 and saslauthd.

saslauthd works fine:

    testsaslauthd -u pc322 -p testpw
    0: OK "Success."
    testsaslauthd -u [EMAIL PROTECTED] -p testpw
    0: OK "Success."

(Same user in the ldap database. pc322 is uid, [EMAIL PROTECTED] is mailacceptinggeneralid.)

That's why I've defined an ldap filter. The idea is to check mailboxes with uid as username or with the ldap entry in mailacceptinggeneralid as username.

imapd.conf:

    configdirectory: /var/imap
    partition-default: /var/spool/imap
    servername: testserver.lan
    hashimapspool: true
    poptimeout: 10
    allowplaintext: yes
    sasl_pwcheck_method: saslauthd
    ldap_filter: (|(uid=%u)(mailacceptinggeneralid=%u))

saslauthd.conf:

    ldap_servers: ldap://home.lan
    ldap_search_base: ou=people,ou=lan,dc=lan,dc=ch
    ldap_filter: (|(uid=%u)(mailacceptinggeneralid=%u))

First of all: do I have to define the ldap_filter in imapd.conf and in saslauthd.conf? I thought sasl_pwcheck_method: saslauthd in imapd.conf is enough.

Login with the uid/mailbox name in ldap (username: pc322) works fine.

    Escape character is '^]'.
    +OK mail.lan Cyrus POP3 v2.2.10 server ready <[EMAIL PROTECTED]
    user pc322
    +OK Name is a valid mailbox
    pass testpw
    ...

Now I tried to log in with the username from mailacceptinggeneralid in ldap (username: [EMAIL PROTECTED]).

    Escape character is '^]'.
    +OK mail.lan Cyrus POP3 v2.2.10 server ready <[EMAIL PROTECTED]
    user [EMAIL PROTECTED]
    -ERR [AUTH] Invalid user

This error message was returned immediately. There was no check from cyrus imapd to saslauthd => ldap.

Is it not possible to authenticate a user in cyrus-imapd with other names than the default uid/mailbox name even if I've set ldap_filter? Is the username check limited to the mailbox.db? I mean cyrus can always get the uid if a user authenticates itself with another entry in the ldap server.

regards
Thomas