On Mittwoch, 17. Oktober 2007, Martin Schweizer wrote: > - I checked a lot of documentation but I did not find out how I can > set the log level for sasldb. I know the option is (sasl_)log_level > (tested also only log_level) but with no success (also checked > sasl.h). I get no more sasl debugging information then the standard > ones. Don't expect too much from this log_level Option. > - My goal is to use the same sasldb file for the server which works as > master/client replicants. I disscused this issue at end of the last > year with Andreas. Now I did some testing around this but I got no > success (see posting below). Where is your Problem with the Hints below? > What do I wrong? Any hints are welcome. > ---------- Forwarded message ---------- > From: Andreas Winkelmann <ml@xxxxxxxxxxxxxx> > Date: 11.11.2006 10:32 > Subject: Re: How to move sasldb to another server? > To: cyrus-sasl@xxxxxxxxxxxxxxxxxxxx > > Am Saturday 11 November 2006 08:57 schrieb Martin Schweizer: > > > > I have two cyrus imapd server (all software has the same version) > > > > which uses sasldb for authentication. For failover reasons I would > > > > like to "copy" regulary the sasldb from the main server to the backup > > > > server. How can I do that? I did copied by hand but this works not. > > > > > > Maybe you want to tell us, what "works not" means? > > > > ... means you can not login (pop3, imap oder squirrmail) if you use > > the copied file. > > > > > I would guess, you use the Hostname as Realm. This will change on the > > > other > > > > ... yea, I saw (with strings sasldb2.sb) that there are realms in the > > database. Probably that is the problem. Isn't it? > > You can use "sasldblistusers" or "sasldblistusers2" to see the contents of > sasldb. > > > > Server of course. You can solve this with setting servername in > > > imapd.conf to > > > > ... you mean I should turn on the main server name in the impad.conf > > from the backup server? > > This is the easiest choice. > > An entry in sasldb contains 3 or maybe 4 parts. Username, Realm, Password > (and Type: the "userPassword"). If your users uses only a Username, without > @domain-Part, the Hostname of the Server is used for this key. This is > servername in imapd.conf for Cyrus-Imapd. > > Either create entries with: > > # saslpasswd -cu domain.tld username > > And tell your users to use "user@xxxxxxxxxx" as Username. This should work > on both servers, then. > > Or if you (have already) create(d) entries with: > > # saslpasswd -c username > > The Hostname of the Server is used and either your Users use > "username@xxxxxxxxxxxxxxx" as username or you have to change something > between the Source and Destination (Backup) Server. The easiest is to > change the servername (imapd.conf) of the Backup-Server to be equal the > other. Then Users can use "username" on both servers. > > > > the Hostname of the Source-Server. Or change sasldb after copying. > > > Or... > > > > ... what you mean with "change sasldb after copying"? Do something by > > hand? > > If the databasetype is bdb, you can use db_dump/db_load > > # db_dump -p /etc/sasldb2 | sed 's/host1\.domain\.tld/host2.domain.tld/' | > db_load /etc/sasldb2_new > > This is only an example, if you really want to use something like that, you > should work at least on the regexp in sed. > > Or a little Perl-Script. -- Andreas
