Re: cyrus password no longer authenticates to server

[Mike Partyka]

On Aug 8, 2005, at 12:14 AM, Simon Matter wrote: I had a working cyrus-imapd installation and had successfully added an account in the following way. # First set password for cyrus account saslpasswd cyrus With your config below, I don't thing you are using sasldb. So why set a password in sasldb/sasldb2? The mail server i am using is a project called open-xchange and i believe sasl is being used as a medium to communicate with ldap, here are two files that make this communication possible through the saslauthd daemon. I  the case of the cyrus user however i think this is stored in the sasldb and used strictly for administering the cyrus imapd service and more specifically for creating mailboxes # /etc/saslauthd.conf ldap_servers: ldap://ox-domain.tld:389/  ldap_bind_dn: cn=Manager,dc=ox-domain,dc=tld  ldap_bind_pw: ldapsecretpassword  ldap_search_base: dc=ox-domain,dc=tld # /etc/conf.d/saslauthd #SASLAUTHD_OPTS="${SASLAUTH_MECH} -a pam"  SASLAUTH_MECH=ldap  SASLAUTHD_OPTS="-a ${SASLAUTH_MECH}" # Using the cyrus account i initially used the command line below to create an initial account. cyradm -u cyrus mydomain.com mydomain>cm myself With your config below, I think you may wynt to create a mailbox with cm user.myself Once the authentication completes this is how i would proceed to making a new mailbox mydomain>exit # Today i attempted to create another mailbox and got the following error. [EMAIL PROTECTED] ~ $ cyradm -user cyrus mydomain.com I'm quite sure you have changed your config now. IMAP Password:                Login failed: authentication failure at /usr/lib/perl5/ site_perl/5.8.6/i686-linux/Cyrus/IMAP/Admin.pm line 118 cyradm: cannot authenticate to server with  as cyrus # The /var/log/messages file just reiterates the failure to authenticate so really doesn't tell me anything i didn't know And what does it tell you? Here is a chunk of logging relating to the login failure, it doesn't seem very helpful to me but maybe you'll get something more from it. Aug  8 07:09:48 sand imap[14154]: badlogin: sand.mydomain.com [192.168.0.3] plaintext cyrus SASL(-13): authentication failure: checkpass failed Aug  8 07:10:32 sand imap[14154]: badlogin: sand.mydomain.com [192.168.0.3] plaintext cyrus SASL(-13): authentication failure: checkpass failed Aug  8 07:11:30 sand imap[14154]: badlogin: sand.mydomain.com [192.168.0.3] plaintext cyrus SASL(-13): authentication failure: checkpass failed Aug  8 07:13:20 sand imap[14195]: badlogin: sand.mydomain.com [192.168.0.3] plaintext cyrus SASL(-13): authentication failure: checkpass failed Aug  8 07:16:50 sand imap[14203]: badlogin: localhost [127.0.0.1] plaintext cyrus SASL(-13): authentication failure: checkpass failed Aug  8 07:21:01 sand ctl_cyrusdb[14221]: checkpointing cyrus databases In fact I don't think anybody can help you with this kind of information. I am not very familiar with Cyrus and am not sure what would be helpful here but would be happy to provide almost anything you suggest? i have only one other working user and i have considered dumping the /etc/sasl2/sasldb2 file which is i believe where the cyrus user's authentication info is located. Do you think this would let me recreate the cyrus account in  the sasldb? Simon # I have reset/recreated the cyrus account and password with the saslpasswd2 command but i continue to get the error above though i know i am using the correct password i just can't authenticate to the server mydomain.com Can anyone give me some pointers as to what might need to be done in order for me to be able to login to mydomain.com using the cyrus account? Here is my /etc/imapd.conf # Use this if sieve-scripts could be in ~user/.sieve. #sieveusehomedir:       yes # Use saslauthd if you want to use pam for imap. # But be warned: login with DIGEST-MD5 or CRAM-MD5 # is not possible using pam. sasl_pwcheck_method:    saslauthd lmtp_downcase_rcpt:     yes #################################################### ## This is a recommended authentication method if you ## emerge cyrus-sasl with 'postgres' or 'mysql' ## To use with mysql database uncomment those lines below. #sasl_pwcheck_method: auxprop #sasl_auxprop_plugin: sql ## possible values for sasl_auxprop_plugin 'mysql', 'pgsql', 'sqlite'. #sasl_sql_engine: mysql ## all possible values. sasl_mech_list: PLAIN ## or limit to CRAM-MD5 only #sasl_mech_list: CRAM-MD5 ## change below to suit your setup. sasl_sql_user: mailsqluser sasl_sql_passwd: password sasl_sql_database: mailsqldb sasl_sql_hostnames: localhost sasl_sql_select: SELECT clear FROM users WHERE email = '[EMAIL PROTECTED]' Thanks in Advance for any help! Michael W. Partyka Jumpnode Systems, LLC Systems Administrator 612.605.5056 Desk Mike Partyka Jumpnode Systems, LLC Systems Administrator (612)605-5056 Desk (612)605-5099 Fax