Hello! I tried to identify my problem in the archives but the closest was that described by Mike Nuss in msgid 32056 (and http://acs- wiki.andrew.cmu.edu/twiki/bin/view/Cyrus/CreateMailboxPermissionDenied). Unfortunatelly the 'solution' is not implementable in my case.
In short: FC3 with the latest patches cyrus-impapd version 2.2.10 release 3.fc3 by RH cyrus-sasl version 2.1.19 release 3 by RH openldap Version 2.2.13 Release 2 by RH postfix Version 2.1.5 Release 5 by RH The server is currently located in a firewalled network *not* affiliated by the target domains (foo.com nor bar.com). Foo.com is the real domain while bar.com is the virtual domain. Saslauthd is configured to authenticate against the LDAP-server /etc/saslauthd.conf ---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<--- ldap_servers: ldap://localhost:389/ ldap_bind_dn: cn=Manager,dc=foo,dc=com ldap_bind_pw: <passwd> ldap_search_base: dc=foo,dc=com ldap_filter: uid=%u ---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<--- /etc/imapd.conf ---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<--- configdirectory: /var/lib/imap partition-default: /var/spool/imap admins: cyrus, [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED] sievedir: /var/lib/imap/sieve sendmail: /usr/sbin/sendmail hashimapspool: true sasl_pwcheck_method: saslauthd sasl_mech_list: PLAIN virtdomains: yes defaultdomain: foo.com tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem tls_ca_file: /usr/share/ssl/certs/ca-bundle.crt ---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<--- The directories do have the correct permissions AFAIK, cyrus.mail all the way both for '/var/lib/imap' as well '/var/spool/imap'. The latter has two subdirs, 'domain' and 'stage.' Now if I run cyradm I get the following: #cyradm --user cyrus localhost IMAP Password: localhost> lm localhost> createmailbox [EMAIL PROTECTED] createmailbox: Permission denied localhost> createmailbox [EMAIL PROTECTED] createmailbox: Invalid mailbox name The same results if I log on as [EMAIL PROTECTED] The difference is that the realm in saslauthd (running in another window with the -d parameter) is undefined in the first example, while it is set to localhost.localdomain in the second example. If I use either [EMAIL PROTECTED] or [EMAIL PROTECTED] as defined in the imapd.conf as admin I get the following: # cyradm --user [EMAIL PROTECTED] localhost IMAP Password: localhost> lm localhost> createmailbox [EMAIL PROTECTED] createmailbox: Permission denied So no luck there, but to confuse things, the virtual seems to be work, albeit in a very broken way: cyradm --user [EMAIL PROTECTED] localhost IMAP Password: localhost> lm INBOX (\HasChildren) INBOX.uptest (\HasNoChildren) INBOX.Trash (\HasNoChildren) So it looks like I'm in user.poltsi, however: localhost> createmailbox [EMAIL PROTECTED] localhost> lm INBOX (\HasChildren) INBOX.uptest (\HasNoChildren) INBOX.Trash (\HasNoChildren) user.kvide (\HasNoChildren) No the structure looks very bizarre. Checking through the email-client however there is no user/kvide subdir, and in /var/spool/imap/domain/b/bar.com/ there is now two subdirs, 'k' and 'p' both with proper structure. The uptest-subdir was created by me through the email client. What am I missing here, why is the global admin (cyrus) unable to list/create mailboxes and *why* does it work (in a weird way) for the virtual domain? I tried with the 'virtdomains: userid' but this seemed to be broken likewise since I could not list mailboxes per domain with the command 'lm [EMAIL PROTECTED]', the command listed all the mailboxes. I also tested the setup with the following two parameters in saslauthd.conf: ldap_default_domain: foo.com ldap_filter: [EMAIL PROTECTED] But then I was unable to log on with the email client. This is very vexing since cyrus-imapd seems to work partially but not consistently and I can't spot where the problem is in the configuration. With regards, Poltsi -- Paul-Erik Törrönen, Cardinal Information Systems Ltd. Pursimiehenkatu 29-31 C 00150 Helsinki, Finland Mobile: +358 (0)40 703 1231 Phone: +358 (0)424 792 204 Fax: +358 (0)424 792 207 http://www.cardinal.fi/ --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
