Hello Andreas 2007/10/17, Andreas Winkelmann <ml@xxxxxxxxxxxxxx>: > > - I checked a lot of documentation but I did not find out how I can > > set the log level for sasldb. I know the option is (sasl_)log_level > > (tested also only log_level) but with no success (also checked > > sasl.h). I get no more sasl debugging information then the standard > > ones. > > Don't expect too much from this log_level Option. I'm expect some more error messages regarding my problem below, for example why my authentication fails. > > - My goal is to use the same sasldb file for the server which works as > > master/client replicants. I disscused this issue at end of the last > > year with Andreas. Now I did some testing around this but I got no > > success (see posting below). > > Where is your Problem with the Hints below? > > > What do I wrong? Any hints are welcome. I tested your hints with the option -u domain.tld but could not successfully login to the cyrus imap server. Or should I change someting in the imapd,conf when I use the option -u domain.tld? Regards, > > ---------- Forwarded message ---------- > > From: Andreas Winkelmann <ml@xxxxxxxxxxxxxx> > > Date: 11.11.2006 10:32 > > Subject: Re: How to move sasldb to another server? > > To: cyrus-sasl@xxxxxxxxxxxxxxxxxxxx > > > > Am Saturday 11 November 2006 08:57 schrieb Martin Schweizer: > > > > > I have two cyrus imapd server (all software has the same version) > > > > > which uses sasldb for authentication. For failover reasons I would > > > > > like to "copy" regulary the sasldb from the main server to the backup > > > > > server. How can I do that? I did copied by hand but this works not. > > > > > > > > Maybe you want to tell us, what "works not" means? > > > > > > ... means you can not login (pop3, imap oder squirrmail) if you use > > > the copied file. > > > > > > > I would guess, you use the Hostname as Realm. This will change on the > > > > other > > > > > > ... yea, I saw (with strings sasldb2.sb) that there are realms in the > > > database. Probably that is the problem. Isn't it? > > > > You can use "sasldblistusers" or "sasldblistusers2" to see the contents of > > sasldb. > > > > > > Server of course. You can solve this with setting servername in > > > > imapd.conf to > > > > > > ... you mean I should turn on the main server name in the impad.conf > > > from the backup server? > > > > This is the easiest choice. > > > > An entry in sasldb contains 3 or maybe 4 parts. Username, Realm, Password > > (and Type: the "userPassword"). If your users uses only a Username, without > > @domain-Part, the Hostname of the Server is used for this key. This is > > servername in imapd.conf for Cyrus-Imapd. > > > > Either create entries with: > > > > # saslpasswd -cu domain.tld username > > > > And tell your users to use "user@xxxxxxxxxx" as Username. This should work > > on both servers, then. > > > > Or if you (have already) create(d) entries with: > > > > # saslpasswd -c username > > > > The Hostname of the Server is used and either your Users use > > "username@xxxxxxxxxxxxxxx" as username or you have to change something > > between the Source and Destination (Backup) Server. The easiest is to > > change the servername (imapd.conf) of the Backup-Server to be equal the > > other. Then Users can use "username" on both servers. > > > > > > the Hostname of the Source-Server. Or change sasldb after copying. > > > > Or... > > > > > > ... what you mean with "change sasldb after copying"? Do something by > > > hand? > > > > If the databasetype is bdb, you can use db_dump/db_load > > > > # db_dump -p /etc/sasldb2 | sed 's/host1\.domain\.tld/host2.domain.tld/' | > > db_load /etc/sasldb2_new > > > > This is only an example, if you really want to use something like that, you > > should work at least on the regexp in sed. > > > > Or a little Perl-Script. > > -- > Andreas > -- Martin Schweizer schweizer.martin@xxxxxxxxx Tel.: +41 32 512 48 54 (VoIP) Fax: +1 619 3300587
