Walter Argüello Cortés wrote:
Hi:
My problem is virtual-domains+cyrus-imapd+saslauthd+ldap. Using the next configuration:
saturno:~ # saslauthd -v
saslauthd 2.1.19
authentication mechanisms: getpwent kerberos5 pam rimap shadow ldap

saturno:~ # cat /etc/saslauthd.conf
ldap_servers: ldap://127.0.0.1
ldap_bind_dn: cn=ldapadmin,dc=systems,dc=com,dc=co
ldap_bind_pw: secret
ldap_search_base: ou=virtualdomains,dc=systems,dc=com,dc=co
ldap_filter: (&(mail=%u)(uid=%U))
When testing saslauthd with testsaslauthd and a valid entry in OpenLDAP:
saturno:~ # testsaslauthd -u [EMAIL PROTECTED] -p 54321
0: OK "Success."

But, when testing cyrus-imapd with the same entry in OpenLDAP, slapd is requested to do a search without the domain component of the username and the "@". Then, [EMAIL PROTECTED] is truncated and given to slapd as (&(mail=walter)(uid=walter)) instead of (&([EMAIL PROTECTED])(uid=walter))
My cyrus config:
saturno:~ # cat /etc/imapd.conf
configdirectory: /var/lib/imap
partition-default: /var/spool/imap
sievedir: /var/lib/sieve
admins: cyrus
allowanonymouslogin: no
autocreatequota: 102400
reject8bit: no
quotawarn: 90
timeout: 30
poptimeout: 10
dracinterval: 0
drachost: localhost
sasl_pwcheck_method: saslauthd
lmtp_overquota_perm_failure: no
defaultdomain: curso.edu
virtdomains: userid

saturno:~ # rpm -q cyrus-imapd
cyrus-imapd-2.2.8-6.3

saturno:~ # pop3test -a [EMAIL PROTECTED]
WARNING: no hostname supplied, assuming localhost
S: +OK saturno Cyrus POP3 v2.2.8 server ready
<[EMAIL PROTECTED]>
C: CAPA
S: +OK List of capabilities follows
S: SASL DIGEST-MD5 CRAM-MD5
S: EXPIRE NEVER
S: LOGIN-DELAY 0
S: TOP
S: UIDL
S: PIPELINING
S: RESP-CODES
S: AUTH-RESP-CODE
S: USER
S: IMPLEMENTATION Cyrus POP3 server v2.2.8
S: .
C: AUTH DIGEST-MD5
S: +
bm9uY2U9Ikc3blozdkY2dEZwR0lQcHhSNXNXOWErWDlaZU4ycEFSRmVhV1V2aFB3NU09IixyZWFsbT0ic2F0dXJubyIscW9wPSJhdXRoLGF1dGgtaW50LGF1dGgtY29uZiIsY2lwaGVyPSJyYzQtNDAscmM0LTU2LHJjNCxkZXMsM2RlcyIsbWF4YnVmPTQwOTYsY2hhcnNldD11dGYtOCxhbGdvcml0aG09bWQ1LXNlc3M=
Please enter your password:
C:
dXNlcm5hbWU9InJvb3QiLHJlYWxtPSJzYXR1cm5vIixhdXRoemlkPSJ3YWx0ZXJAZG9taW5pby5jb20iLG5vbmNlPSJHN25aM3ZGNnRGcEdJUHB4UjVzVzlhK1g5WmVOMnBBUkZlYVdVdmhQdzVNPSIsY25vbmNlPSJJSXFacm15UWxTNlpEdHExMVhRUTNUWVZsTXhHbG9BV0NvRHpXOVdyQnY0PSIsbmM9MDAwMDAwMDEscW9wPWF1dGgtY29uZixjaXBoZXI9cmM0LG1heGJ1Zj0xMDI0LGRpZ2VzdC11cmk9InBvcC9sb2NhbGhvc3QiLHJlc3BvbnNlPWMyNjkwOWU2YzBmYzhiMGNiOGQ1NWVlNjNlNzNhYTk5
S: -ERR [AUTH] authenticating: user not found
Authentication failed. generic failure
Security strength factor: 128
quit
+OK
CRAM-MD5 and DIGEST-MD5 mechanisms work ONLY against "sasldb2". So far I have not seen an LDAP bridge for it.
I thought I saw an "axprop: ldap" idea somewhere along the road, but can't say for sure.
Nix.
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
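Added example, not part of the original thread and not Cyrus code: a minimal DIGEST-MD5 verifier (RFC 2831) showing why the reply's point holds. The client sends only a hash, so the server must fetch the stored secret itself, as it does from sasldb2, and there is no plaintext password to hand to saslauthd the way testsaslauthd does. The function names and the `lookup_secret` callback are hypothetical; the sample line is constructed from the RFC 2831 example exchange (password "secret").

```python
import base64, hashlib, hmac, re

def parse_directives(b64_line):
    """Decode one base64 SASL line into a dict of DIGEST-MD5 directives."""
    text = base64.b64decode(b64_line).decode("utf-8")
    # Quoted values may contain commas (e.g. qop="auth,auth-int"), so match them first.
    pairs = re.findall(r'([\w-]+)=("(?:[^"\\]|\\.)*"|[^,]*)', text)
    return {k: v[1:-1] if v.startswith('"') else v for k, v in pairs}

def expected_response(d, password):
    """RFC 2831 response value. Computing it needs the password itself
    (or the stored hash H(user:realm:password)), not a yes/no check."""
    md5 = hashlib.md5
    qop = d.get("qop", "auth")
    secret = md5(f'{d["username"]}:{d.get("realm", "")}:{password}'.encode()).digest()
    a1 = secret + f':{d["nonce"]}:{d["cnonce"]}'.encode()
    if d.get("authzid"):                      # e.g. set by pop3test -a
        a1 += b":" + d["authzid"].encode()
    a2 = "AUTHENTICATE:" + d["digest-uri"]
    if qop in ("auth-int", "auth-conf"):
        a2 += ":" + "0" * 32
    kd = (f'{md5(a1).hexdigest()}:{d["nonce"]}:{d["nc"]}:'
          f'{d["cnonce"]}:{qop}:{md5(a2.encode()).hexdigest()}')
    return md5(kd.encode()).hexdigest()

def verify(b64_line, lookup_secret):
    """lookup_secret(username) plays the role of the auxprop store (sasldb2)."""
    d = parse_directives(b64_line)
    password = lookup_secret(d.get("username"))
    if password is None:
        return False                          # no stored secret: "user not found"
    return hmac.compare_digest(expected_response(d, password), d.get("response", ""))

# Constructed sample: client response from the RFC 2831 section 4 example.
SAMPLE_RESPONSE = base64.b64encode(
    b'charset=utf-8,username="chris",realm="elwood.innosoft.com",'
    b'nonce="OA6MG9tEQGm2hh",nc=00000001,cnonce="OA6MHXh6VqTrRk",'
    b'digest-uri="imap/elwood.innosoft.com",'
    b'response=d388dad90d4bbd760a152321f2143af7,qop=auth')

if __name__ == "__main__":
    print(verify(SAMPLE_RESPONSE, {"chris": "secret"}.get))   # secret in the store
    print(verify(SAMPLE_RESPONSE, {}.get))                    # user absent from the store
```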