PLAIN for sasl_pwcheck_method isn't a valid option. Keep it as saslauthd
(and then make sure the testsaslauthd program works with your sync
username and password).
I think you showed me your primary imapd.conf and not the replica's.
What does imtest show you when you log into the replica (capability
lines)?
-Patrick
On Tue, 16 May 2006, David Korpiewski wrote:
Hello Patrick!
I set the sasl_pwcheck_method to be PLAIN from what it used to be (saslauthd)
on the replica server.
Still doesn't work though, it gives me this error:
badlogin: lmc1.cs.umass.edu [128.119.243.236] DIGEST-MD5 [SASL(-13): user not
found: no secret in database]
HISTORY:
our servers are set up with saslauthd for their sasl_pwcheck_method.
Saslauthd uses PAM for ldap authentication. This works fine for receiving
email and authenticating users with their mail clients. However, this doesn't
appear to work for sync_server when authenticating the sync_client.
These are pieces of my replica's imapd.conf:
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN
sync_authname: cyrus
sync_log: 1
sync_host: lmc2.cs.umass.edu
sync_repeat_interval: 5
sync_password: XXXXXXXXXX
Thank you for any help you can offer!
David
Patrick Radtke wrote:
did you try setting
sasl_pwcheck_method on the replica?
'unix' isn't a SASL mechanism.
you may want to try PLAIN (what do you use currently on the primary
server)?
on the replica use this line
sasl_mech_list: PLAIN
to make it only advertise PLAIN authentication, and then the primary
machine will try using that sasl mechanism when connecting.
This will then invoke what you have for your sasl_pwcheck_method.
-Patrick
On May 16, 2006, at 3:47 PM, David Korpiewski wrote:
I'm in the middle of trying to set up replication. However, I keep
running into a problem.
The replication error I'm getting on the replica is this if I don't
specify a sync_authname and sync_password:
syncserver[7682]: starttls: TLSv1 with cipher AES256-SHA (256/256 bits
new) no authentication
I get this error if I'm specifying a sync_authname and sync_password:
badlogin: lmc1.cs.umass.edu [128.119.243.236] DIGEST-MD5 [SASL(-13): user
not found: no secret in database]
MY QUESTION IS THIS:
How can I change what sync_server uses for its authentication? I want it
to either use LDAP or the local passwd/shadow files. It obviously keeps
trying to use DIGEST-MD5, in which case it would have to look for a md5
file in a particluar location, but I don't see how to specify that either.
I tried setting auth_mech and sasl_auth_mech to be "unix" in the
/etc/imapd.conf but that doesn't change anything.
Can anyone help me?
Thanks,
David
----------------------------------------------------------
David Korpiewski Phone: 413-545-4319
Software Specialist I Fax: 413-577-2285
Department of Computer Science ICQ: 7565766
University of Massachusetts Amherst
--------------------------------------------------------
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
--
--------------------------------------------------------
David Korpiewski Phone: 413-545-4319
Software Specialist I Fax: 413-577-2285
Department of Computer Science ICQ: 7565766
University of Massachusetts Amherst
--------------------------------------------------------
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
