> We have the following set in the imapd.conf for 2.3.1 install:
> virtdomains: on
> admins: globaladmin [EMAIL PROTECTED]
> defaultdomain: xyz.com
> 
> and in saslauthd.conf:
> ldap_default_realm: xyz.com
> 
> Following cyradm logins fail for the 'globaladmin', whether or not
> FQDN is passed as an option of '-u' argument:
> 
> cyradm -u globaladmin localhost
> cyradm -u [EMAIL PROTECTED] localhost
> 
> However [EMAIL PROTECTED] succeeds in login. Ldap logs indicate 
> that the domain passed for 'globaladmin' is 'adari.net' and not 
> xyz.com. It appears that the application is doing a reverse dns 
> and obtaining the domain 'adari.net' instead of using the 
> defaultdomain (ldap_default_realm).
> 
> Any other parameters to set for the system to pick the right domain
> (ie xyz.com) for the globaladmin?

A bit of debugging of the saslauth revealed that it is not going to
use the "ldap_default_realm" value unless it gets a null ("") realm
from imap. I have not looked into the imap code, but it appears
that it is sending the "reverse dns" host name as the realm.

Is there any way to force imap to use the passed FQDN as the realm for
the following case: cyradm -u [EMAIL PROTECTED] localhost

Alternatively, is there any way to make imap send null ("") to sasl
when the global admin logs in as: cyradm -u globaladmin localhost

About a year and a half ago, when we looked to migrate to 2.2.x from
2.1.x, the above scenario (cyradm -u globaladmin localhost) worked.
Something may have changed since then. Docs and mail archives have no
references. Appreciate any pointers.

Thanks
__
Seva




----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
