On Thu, 29 Dec 2005 [EMAIL PROTECTED] wrote:
We have the following set in the imapd.conf for 2.3.1 install:
virtdomains: on
admins: globaladmin [EMAIL PROTECTED]
defaultdomain: xyz.com
and in saslauthd.conf:
ldap_default_realm: xyz.com
Following cyradm logins fail for the 'globaladmin', whether or not
FQDN is passed as an option of '-u' argument:
cyradm -u globaladmin localhost
cyradm -u [EMAIL PROTECTED] localhost
However [EMAIL PROTECTED] succeeds in login. Ldap logs indicate
that the domain passed for 'globaladmin' is 'adari.net' and not
xyz.com. It appears that the application is doing a reverse dns
and obtaining the domain 'adari.net' instead of using the
defaultdomain (ldap_default_realm).
Any other parameters to set for the system to pick the right domain
(ie xyz.com) for the globaladmin?
A bit of debugging the saslauth revealed that it is not going to
use "ldap_default_realm" value unless it gets a null ("") realm
from imap. I have not looked into the imap code, but it appears
that it is sending the "reverse dns" host name as the realm.
Anyway to force imap to use passed fqdn as the realm for following
case: cyradm -u [EMAIL PROTECTED] localhost
Alternatively, is there anyway to make imap send null ("") to sasl
when global admin logins as: cyradm -u globaladmin localhost
About a year half ago, when we looked to migrate to 2.2.x from 2.1.x,
above scenario (cyradm -u globaladmin localhost) worked. Something
may have changed since then. Docs and mail archives have no references.
Appreciate any pointers.
Use virtdomains: userid
--
Igor
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
