i followed some howtos on the net and provides wit cyrus,
it uses pam to store some stuff in a mysql 5.1 DB.
i can only login with imtest when i create the user I created with
saslpasswd2 and "cm user.*" also create this user in the DB,
which was installed during the web-cyradmin installation.
Do I understand right that I have the db with the user accounts on the
frontend and the mailboxes on the backend, so I dont need any DB and
accounts in the sasldb1 on the backend?
Another point is that I cant delete any user with dm, it asks for a
password, when i enter the correct one it asks again until i enter a wrong
one..!
not an easy setup, but its making progress...
here are my config file:
frontend/mupdater
admins: cyrus cyrus-frontend cyrus-backend
configdirectory: /var/lib/imap
partition-default: /var/spool/imap
#admins: cyrus
sievedir: /var/lib/imap/sieve
sendmail: /usr/sbin/sendmail
hashimapspool: true
##
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN LOGIN DIGEST-MD5
sasl_auxprop_plugin: sasldb
sasl_minimum_layer: 0
sasl_auto_transition: no
#sasl_pwcheck_method: auxprop
#sasl_auxprop_plugin: sasldb
#sasl_auxprop_plugin: sql
#sasl_sql_engine: mysql
#sasl_sql_hostnames: localhost
#sasl_sql_user: sqlpassword
#sasl_sql_database: cyrus
#sasl_sql_verbose: no
#sasl_sql_select: SELECT password FROM cyrus_mail WHERE username = '%u' AND
active='1'
#sasl_sql_usessl: 0
#allowplaintext: yes
tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
postmaster: postmaster
allowanonymouslogin: no
allowplaintext: yes
# servername: localhost
autocreatequota: 10000
reject8bit: no
quotawarn: 90
timeout: 30
poptimeout: 10
dracinterval: 0
drachost: localhost
sieve_maxscriptsize: 32
sieve_maxscripts: 5
#unixhierarchysep: yes
#tls_ca_file:/var/lib/imap/server.pem
#tls_cert_file:/var/lib/imap/server.pem
#tls_key_file:/var/lib/imap/server.pem
realm: mailfarm21.local
##################
# MUPDATE Master #
##################
servername: mail2.mailfarm21.local
# hier kommt der backend server
proxy_authname: cyrus-frontend
mail1_password: secret
proxy_password: secret
#proxyservers: mail1.mailfarm21.local
proxyd_disable_mailbox_referrals: 1
## mupdate client?
mupdate_server: mail2.mailfarm21.local
mupdate_port: 3905
mupdate_username: cyrus-frontend
mupdate_authname: cyrus-frontend
mupdate_password: secret
backend:
admins: cyrus cyrus-frontend cyrus-backend
configdirectory: /var/lib/imap
partition-default: /var/spool/imap
sievedir: /var/lib/imap/sieve
sendmail: /usr/sbin/sendmail
hashimapspool: true
tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
postmaster: postmaster
allowanonymouslogin: no
allowplaintext: yes
servername: localhost
autocreatequota: 10000
reject8bit: no
quotawarn: 90
timeout: 30
poptimeout: 10
dracinterval: 0
drachost: localhost
sieve_maxscriptsize: 32
sieve_maxscripts: 5
#unixhierarchysep: yes
#tls_ca_file:/var/lib/imap/server.pem
#tls_cert_file:/var/lib/imap/server.pem
#tls_key_file:/var/lib/imap/server.pem
## sasl kram
sasl_auxprop_plugin: sasldb
sasl_pwcheck_method: saslauthd
#sasl_pwcheck_method: auxprop
sasl_mech_list: plain login DIGEST-MD5
#################
# mupdate slave #
#################
mupdate_server: mail2.mailfarm21.local
mupdate_port: 3905
mupdate_username: cyrus-backend
mupdate_authname: cyrus-backend
mupdate_password: secret
#mupdate_config: unified
# frontendzugriff
proxyservers: mail2.mailfarm21.local
proxy_authname: cyrus-backend
# transfer between backends
allowusermoves: yes
allowsubscribes: yes
cyrus.conf
# standard standalone server implementation
START {
# do not delete this entry!
recover cmd="ctl_cyrusdb -r"
# this is only necessary if using idled for IMAP IDLE
idled cmd="idled"
#
# resync the mailbox with the master at startup
mupdatepush cmd="ctl_mboxlist -m"
}
# UNIX sockets start with a slash and are put into /var/lib/imap/sockets
SERVICES {
# add or remove based on preferences
imap cmd="imapd" listen="imap" prefork=5
imaps cmd="imapd -s" listen="imaps" prefork=1
pop3 cmd="pop3d" listen="pop3" prefork=3
pop3s cmd="pop3d -s" listen="pop3s" prefork=1
sieve cmd="timsieved" listen="sieve" prefork=0
# these are only necessary if receiving/exporting usenet via NNTP
# nntp cmd="nntpd" listen="nntp" prefork=3
# nntps cmd="nntpd -s" listen="nntps" prefork=1
# at least one LMTP is required for delivery
# lmtp cmd="lmtpd" listen="lmtp" prefork=0
lmtpunix cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1
# this is only necessary if using notifications
# notify cmd="notifyd" listen="/var/lib/imap/socket/notify" proto="udp"
prefork=1
#
mupdate cmd="/usr/lib/cyrus-imapd/mupdate" listen="3905" prefork=1
fud cmd="fud" proto="udp" listen="4201" profork=0 maxchilds=10
}
EVENTS {
# this is required
checkpoint cmd="ctl_cyrusdb -c" period=30
# this is only necessary if using duplicate delivery suppression,
# Sieve or NNTP
delprune cmd="cyr_expire -E 3" at=0400
#delprune cmd="ctl_deliver -E 3" period=1440
# this is only necessary if caching TLS sessions
tlsprune cmd="tls_prune" at=0400
# Squat failed, helps
squatter cmd="squatter -r user" period=1440
}
On Jan 11, 2008 2:30 PM, Ken Murchison <[EMAIL PROTECTED]> wrote:
> rupert wrote:
> > another questions is:
> > does the mysql database have to be on both machines or does the frontend
> > cyrus get its data from the backend and doesnt store anything inside its
> > local DB?
>
> What MySQL database? For authentication? All user credentials need to
> be verified on the frontends. If you IMAP client(s) support referrals,
> then they might also authenticate directly on the backends. Otherwise,
> only the "murder" user authenticates on the backends.
>
>
>
> > I created a new domain and user on the backend with web-cyradm and on
> > the frontend/mupdate i can get the data with lm, but I cant connect with
> > a mail client.
> >
> > On Jan 11, 2008 1:13 PM, Rupertt <[EMAIL PROTECTED]
> > <mailto:[EMAIL PROTECTED]>> wrote:
> >
> > Ken Murchison wrote:
> >> rupert wrote:
> >>
> >>> Hello first,
> >>> I was able to set up an murder cluster with one backend and a
> frontend
> >>> which also acts as a mupdate server.
> >>> i could get the mailbox accounts from the backend, which was a
> >>> standalone before.
> >>> I read that now the murder is running i should "only" create
> accounts on
> >>> the frontend and dont do anything manually on the backend, right?
> >>>
> >>> When I now create a user with web-cyradm on the frontend it
> creates the
> >>> entry in the DB, but the logfile says:
> >>>
> >>> Jan 11 12:34:02 mail2 mupdate[2166]: cmd_set(fd:18, user.ralf)
> >>> Jan 11 12:34:02 mail2 imap[2183]: mupdate NO response: mailbox
> already
> >>> exists
> >>> Jan 11 12:34:02 mail2 imap[2183]: MUPDATE: can't reserve mailbox
> entry
> >>> for 'user.ralf'
> >>> Jan 11 12:34:02 mail2 imap[2183]: autocreateinbox: User ralf,
> INBOX
> >>> failed. unable to reserve mailbox on mupdate server
> >>>
> >>>
> >>> when i try to add the user with "cm ralf" i get a permission
> denied
> >>> error in the cyradm console.
> >>>
> >>> i could add a new mailbox on the backend by hand and when I do a
> "lm" on
> >>> the frontend the new account gets listed there.
> >>>
> >>> So how can I proceed?
> >>>
> >> Toplevel mailboxes MUST be created on the backend.
> >>
> >>
> >>
> > you mean like "ralf", well i tried "user.ralf" and it still does not
> > work.
> >
> > this is my current list:
> >
> > sam (\HasNoChildren) user.sigi (\HasChildren)
> > testuser (\HasNoChildren) user.sigi.Sent (\HasNoChildren)
> > user.box1 (\HasNoChildren) user.sigi.Trash (\HasNoChildren)
> > user.jon (\HasNoChildren) user.tb0001 (\HasNoChildren)
> > user.roy (\HasChildren) user.test1 (\HasNoChildren)
> > user.roy.Sent (\HasNoChildren) user.test2 (\HasNoChildren)
> > user.roy.Trash (\HasNoChildren) user.testuser (\HasNoChildren)
> >
> >
> >
> >
>
>
> --
> Kenneth Murchison
> Systems Programmer
> Project Cyrus Developer/Maintainer
> Carnegie Mellon University
>
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
