On Wed, 2005-10-05 at 01:31 -0500, Marcus I. Ryan wrote: > I've set up SASL with an LDAP backend that checks for a user in either > the ou of the SASL realm, or the ou matching their domain (so > [EMAIL PROTECTED] as the username or user with domain.tld as the realm). > > I got it working using testsaslauthd, but when I try it through IMAP it > appears IMAP strips the domain from the userid before it passes it to > SASL, and doesn't pass it as a realm. I can handle it either way > (passing a username of [EMAIL PROTECTED] or having it passed in as a > userid and a realm), but it doesn't seem to do either. Am I missing a > setting/configuration option, or does this require some kind of code > patch?
[snip] > > Any thoughts are appreciated. Thanks. What version of SASL are you using? What version of Cyrus IMAP? Are you using %u and %f in the ldap_filter configuration in saslauthd,.conf? The userid is sent in %u and the realm (domain) in %r. (this is in cyrus sasl version 2.1.20, cyrus imapd 2.2.12) Also try setting the virtdomains: userid in /etc/imapd.conf (if using cyrus 2.2.x) That will ensure that cyrus sends the whole userid to sasl. -- Edward Rudd <[EMAIL PROTECTED]> ---- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
