On Wed, 2010-04-14 at 13:33 -0400, Wesley Craig wrote:
> On 14 Apr 2010, at 12:42, Shelley Waltz wrote:
> > I wish a simple way to control who in the LDAP database may login
> > and autocreate a cyrus imap account. Not everyone in the LDAP
> > database,
> > just certain users. Any suggested met
On 14 Apr 2010, at 12:42, Shelley Waltz wrote:
> I wish a simple way to control who in the LDAP database may login
> and autocreate a cyrus imap account. Not everyone in the LDAP
> database,
> just certain users. Any suggested methods?
>
> I have RHEL5 with
> cyrus-imapd-2.3.7-7
> cyrus-sasl-2.
I wish a simple way to control who in the LDAP database may login
and autocreate a cyrus imap account. Not everyone in the LDAP database,
just certain users. Any suggested methods?
I have RHEL5 with
cyrus-imapd-2.3.7-7
cyrus-sasl-2.1.22-5
and use
sasl_pwcheck_method: saslauthd
sasl_mech_list: PL
* Adam Tauno Williams <[EMAIL PROTECTED]> [26-01-05 18:51]:
> > No, that's incorrect. They work with the sql auxprop also and with
> > ldapdb auxprop mech. For authentication out af a LDAP DIT you must use
> > the ldapdb plugin provided in the openldap contrib area.
> > See:
> > http://www.bil
> > CRAM-MD5 and DIGEST-MD5 mechanisms work ONLY against "sasldb2". So far I
> > have not seen a LDAP bridge for it.
> > I thought I saw a "axprop: ldap" idea somewhere along the road, but
> > canÄt say for sure.
> No, that's incorrect. They work with the sql auxprop also and with
> ldapdb aux
er [ISO-8859-1] Argüello Cortés wrote:
***
NO se encontró virus en el archivo adjunto : no filename
Este E-mail se ha verificado por el programa de Antivirus de T.G. Express S.A.
***
--
IgorHi:
My problem is virtual-domains+cyrus-imapd+saslauthd+ldap.
Nikola Milutinovic wrote:
CRAM-MD5 and DIGEST-MD5 mechanisms work ONLY against "sasldb2". So far I
have not seen a LDAP bridge for it.
I thought I saw a "axprop: ldap" idea somewhere along the road, but
canÄt say for sure.
Nix.
No, that's incorrect. They work with the sql auxprop also and w
problem is virtual-domains+cyrus-imapd+saslauthd+ldap.
Using the next configuration:
saturno:~ # saslauthd -v
saslauthd 2.1.19
authentication mechanisms: getpwent kerberos5 pam rimap shadow ldap
saturno:~ # cat /etc/saslauthd.conf
ldap_servers: ldap://127.0.0.1
ldap_bind_dn: cn=ldapadmin,dc=systems
***
NO se encontrà virus en el archivo adjunto : no filename
Este E-mail se ha verificado por el programa de Antivirus de T.G. Express S.A.
***
Hi:
My problem is virtual-domains+cyrus-imapd+saslauthd+ldap.
Using the next configuration:
saturno
: [EMAIL PROTECTED]; Joe Rhett
Subject: Re: Re: smtp auth + saslauthd + ldap
hi!
thanks for ur reply, i'm trying it on RedHat enterprise Linux3.0. I also
have a similar setup but saslauthd is't working with sendmail, i tested it
with testsaslauthd its working fine, it is also working fine
Sure you can and it makes very good sense to do it, I just set it up and
we went live today.
This is how my mail server is configured - Sendmail requires SMTP AUTH for
relaying using SASLv2(plain/login) over TLS, saslauthd uses the ldap
auth_mech to connect to ldap(bdb backend) which contains the
On Thu, Oct 28, 2004 at 01:11:55PM +0530, Chetan Dutta wrote:
> has anybody configured sendmail for smtp auth with saslauthd/pwcheck and
> ldap.
Which one are you trying? You can't possibly be doing all three...
--
Joe Rhett
Senior Geek
Meer.net
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
dear all,
has anybody configured sendmail for smtp auth with saslauthd/pwcheck and
ldap. i've googled a lot and tried different tricks but nothing seems to
work. smtp auth works fine with PAM.
i'm continously getting the following errors:
535 5.7.0 authentication failed
and
saslauthddo_req
On Thu, 9 Sep 2004, Juergen Schinker wrote:
i tried to authenticate via saslauthd to ldap (now mysql)
Sep 7 21:54:05 gate slapd[1000]: conn=153 fd=21 ACCEPT from IP=127.0.0.1:36884
(IP=0.0.0.0:389)
Sep 7 21:54:05 gate slapd[1011]: conn=153 op=0 BIND dn="" method=128
Sep 7 21:54:05 gate slapd[101
i tried to authenticate via saslauthd to ldap (now mysql)
Sep 7 21:54:05 gate slapd[1000]: conn=153 fd=21 ACCEPT from IP=127.0.0.1:36884
(IP=0.0.0.0:389)
Sep 7 21:54:05 gate slapd[1011]: conn=153 op=0 BIND dn="" method=128
Sep 7 21:54:05 gate slapd[1011]: conn=153 op=0 RESULT tag=97 err=0 text=
Wheldon
> Cc: [EMAIL PROTECTED]
> Subject: Re: Saslauthd ldap and virtual domains
>
>
>
> On Wed, 9 Jun 2004, Martin Wheldon wrote:
>
> > Hi,
> >
> > I'm currently running cyrus-sasl 2.1.17, cyrus-imap 2.2.3, openldap
> > 2.2.4 which was worki
To: Martin Wheldon
Cc: [EMAIL PROTECTED]
Subject: Re: Saslauthd ldap and virtual domains
On Wed, 9 Jun 2004, Martin Wheldon wrote:
> Hi,
>
> I'm currently running cyrus-sasl 2.1.17, cyrus-imap 2.2.3, openldap
> 2.2.4 which was working fine and still is for a single domai
On Wed, 9 Jun 2004, Martin Wheldon wrote:
> Hi,
>
> I'm currently running cyrus-sasl 2.1.17, cyrus-imap 2.2.3, openldap
> 2.2.4 which was working fine and still is for a single domain.
>
You need to get saslauthd from cvs and run saslauthd -r -a ldap
> Now I've added a second domain
Hi,
I'm currently running cyrus-sasl 2.1.17, cyrus-imap 2.2.3, openldap
2.2.4 which was working fine and still is for a single domain.
Now I've added a second domain I have it a authentication problem.
My mailboxes are named as follows:-
Mwheldon
[EMAIL PROTECTED]
The problem sh
On Fri, 4 Jun 2004, Simon Matter wrote:
I'm using both versions on different servers and I can say they both work
very well for me. The pam way is more flexible if you have more than one
place where users are stored, say LDAP and MySQL, or you want to restrict
logins by other means like time or wha
;
> I have got your mean, if i want to add the virtual domains support to
> cyrus-imapd,
> I have no choice to use saslauthd -a ldap.
> But in the condition of only one domain, the pam auth is more flexible.
>
saslauthd+ldap is much faster and it does not require you to use posix
Simon Matter wrote:
The only problem I see with pam_ldap is with the cyrus-imapd virtual
domains. AFAIK it doesn't work for more than one domain because PAM
doesn't know about realms.
I have got your mean, if i want to add the virtual domains support to
cyrus-imapd,
I have no choice to use sasl
> Hi,
>
> I have been working on a Mail System for several days.
> I used Postfix + Cyrus-IMAPd + Cyrus-SASL + OpenLDAP.
> LDAP Database is the accounts container.
> And the system should support virtual domains.
> All the processes which accesses the LDAP database thru saslauthd.
>
> I am using th
Hi,
I have been working on a Mail System for several days.
I used Postfix + Cyrus-IMAPd + Cyrus-SASL + OpenLDAP.
LDAP Database is the accounts container.
And the system should support virtual domains.
All the processes which accesses the LDAP database thru saslauthd.
I am using the saslauthd's ldap
On Wed, 25 Feb 2004, TN wrote:
> How strange. It works for me without all this malarkyI'm using
> virtual domains & ldap too, and it works whether or not
> the domains are userid or both methods, and my cyrus admin does not have
> appended @ stuff. ldap is my only mech too, so another mech is
How strange. It works for me without all this malarkyI'm using
virtual domains & ldap too, and it works whether or not
the domains are userid or both methods, and my cyrus admin does not have
appended @ stuff. ldap is my only mech too, so another mech is not
intervening.
Edward Rudd w
MY cyrus admin user IS in the ldap. The issue was with how cyrus was
auto appending the machine's domain to the username if it did not
contain an @ which i do not want it to do.. So the virtdomains: userid
is the solution for my setup..
On Tue, 2004-02-24 at 16:56, TN wrote:
> Another option whi
Another option which I use is I just add the cyrus admin as a regular
user in the ldap db, so it just gets looked up as usual.
This might have the advantage of working for people who want ip-bound
virtual domains (ie. virtualdomains: yes) instead of userid.
cheers
-Trevor.
Edward Rudd wrote:
Aha, Thanks very much that did it..
Setting virtdomains to 'userid' instead of 'true' fixed the issue..
On Tue, 2004-02-24 at 15:54, Igor Brezac wrote:
> On Tue, 24 Feb 2004, Edward Rudd wrote:
>
> > I have a cyrus-imapd 2.2.3 installation and am using saslauthd from my
> > cyrus-sasl 2.1.15 inst
On Tue, 24 Feb 2004, Edward Rudd wrote:
> I have a cyrus-imapd 2.2.3 installation and am using saslauthd from my
> cyrus-sasl 2.1.15 installation, normal authentication to my virtual
> domain users works fine.. ([EMAIL PROTECTED], [EMAIL PROTECTED],
> etc...)
> However I can not login as the adm
Message-
From: Edward Rudd <[EMAIL PROTECTED]>
Sent: Feb 24, 2004 4:19 PM
To: Cyrus-IMAP <[EMAIL PROTECTED]>
Subject: cyrus-imapd 2.2.3 and saslauthd/ldap domainless logins.
I have a cyrus-imapd 2.2.3 installation and am using saslauthd from my
cyrus-sasl 2.1.15 installation, normal au
I have a cyrus-imapd 2.2.3 installation and am using saslauthd from my
cyrus-sasl 2.1.15 installation, normal authentication to my virtual
domain users works fine.. ([EMAIL PROTECTED], [EMAIL PROTECTED],
etc...)
However I can not login as the administrator (cyrus) which has no domain
component to t
> Quoting Simon Matter <[EMAIL PROTECTED]>:
>
>> > Anyways, I've got the group added to LDAP, and 'id user' is showing
>> that
>> > getgrent(3) sees the 'straycats' group. However, setting the
>> > 'group:straycats'
>>
>> How is your saslauthd configured?
>
> I'm using Fedora Raw Hide, so in /etc/
Quoting Simon Matter <[EMAIL PROTECTED]>:
> > Anyways, I've got the group added to LDAP, and 'id user' is showing that
> > getgrent(3) sees the 'straycats' group. However, setting the
> > 'group:straycats'
>
> How is your saslauthd configured?
I'm using Fedora Raw Hide, so in /etc/sysconfig/sas
> Howdy, again,
>
> Another problem, another email. This problem I've yet to solve.
>
> I've got series of mailboxes (straycat.*) and I want to use the group:
> mechanism
> to set the ACLs for these mailboxes, as this seems the most elegant
> solution.
> I thought to myself, "I'll just add all the
Howdy, again,
Another problem, another email. This problem I've yet to solve.
I've got series of mailboxes (straycat.*) and I want to use the group: mechanism
to set the ACLs for these mailboxes, as this seems the most elegant solution.
I thought to myself, "I'll just add all the users to a POS
On Thu, 6 Mar 2003, Etienne Goyer wrote:
> ---
> configdirectory: /var/imap
> partition-default: /tmp
> admins: cyrus
> sasl_mech_list: PLAIN
> sasl_pwcheck_method: saslauthd
> ---
If you're using PLAIN to authenticate to your backends, you'll need to be
using 2.2 (with the TLS support for backen
Hi there,
I am setting up a Murder (cool technologie, btw) and I have a problem
I can't seem to solve by myself. Any help would be very appreciated !
Basically, ctl_mboxlist try to authenticate as root on the MUPDATE
master server. Here is the revelant part of my /etc/cyrus.conf :
---
START {
On Fri, 27 Dec 2002, Jules Agee wrote:
> Is saslauthd's auth_ldap module still considered experimental?
>
I use it in production.
> Would using this allow imap authentication methods other than PLAIN or
> LOGIN to be used, if the configured LDAP authentication method was
You can only use PLAIN
Is saslauthd's auth_ldap module still considered experimental?
Would using this allow imap authentication methods other than PLAIN or
LOGIN to be used, if the configured LDAP authentication method was
'custom' (crypted userPassword) rather than 'bind'?
--
Jules Agee
System Administrator
Pacific
On Thu, 7 Nov 2002, Felix Cuello wrote:
> I solved my problem with sasl... just changing the line of fork
> process,
>
> What do you think about this problem?, saslauthd comes with 5 fork
> process maximum, now (only for testing and tunning) y replaced this with
> 40 fork process... it's too much.
I solved my problem with sasl... just changing the line of fork
process,
What do you think about this problem?, saslauthd comes with 5 fork
process maximum, now (only for testing and tunning) y replaced this with
40 fork process... it's too much... but it works!...
How can I tune this?
Thanks a
Thanks for the clarification,
How about an option to extract the domain context from %u for the search
base? ie. The option derive %d from %u instead of %r
I think there's an opportunity to greatly improve the search times. The
global search may have to go through hundreds of thousands of rec
Hi,
http://my.fit.edu/~kpierre/lak.c.1.patch
patch to cyrus/saslauthd/lak.c to allow it to expand '%d'
macro in ldap_search_base option to the domain context derived from the
realm '%r'.
eg.
ldap_search_base: ou=people, %d
in saslauthd.conf
if realm is 'domain.tld', the ldap search base will
On Mon, 14 Oct 2002, Kervin L. Pierre wrote:
>
> Hi,
>
> attached is a patch to cyrus/saslauthd/lak.c to allow it to expand '%d'
> macro in ldap_search_base option to the domain context derived from the
> realm '%r'.
>
> eg.
>
> ldap_search_base: ou=people, %d
> in saslauthd.conf
>
> if realm is
Hi,
attached is a patch to cyrus/saslauthd/lak.c to allow it to expand '%d'
macro in ldap_search_base option to the domain context derived from the
realm '%r'.
eg.
ldap_search_base: ou=people, %d
in saslauthd.conf
if realm is 'domain.tld', the ldap search base will expand to
'ou=people,dc=
Is there are way to dynamically modify ldap_search_base attribute of
saslauthd so that it searches are particular DIT of the LDAP server?
eg. a way to split the realm ( %r ) macro, then building a search base
off that. ie.
ldap_search_base: ou=people,%d
Where %d explodes to "dc=domain,dc=tld
47 matches
Mail list logo
