Andreas Hasenack wrote:
On Tue, Mar 29, 2005 at 03:31:13PM -0500, Scott Balmos wrote:
Hi all,
I had this problem solved months ago, but that was on a different system. I'm running imapd using saslauthd as the authentication mechanism. saslauthd, in turn, is running through PAM, which runs to my LDAP server, to do all authentication.
I was wondering if there was a way to get saslauthd, or imapd (whichever is the case), to fall back onto checking the local sasldb2 database (auxprop?). There are a few "system" accounts, like cyrus and some system-accessible-only manager accounts, that I want to keep out of LDAP.
Try this in /etc/imapd.conf:
sasl_pwcheck_method: saslauthd auxprop
Ayup... that did it. Thanks!
I would suggest, to the writers of the example config files, that sasl_pwcheck_method's wording be changed to note that you can allow both of these options. As it is, and this is where I got hung up, the comments sound like it can only be auxprop OR saslauthd, not both.
--Scott
--- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
