On Friday 07 September 2007 19:21:19 Andrew Morgan wrote: > On Fri, 7 Sep 2007, Guillaume Nadot wrote: > > Dear list, > > > > The problem is that I cannot use the email address of the user to perform > > their logins. > > > > Let me explain : > > > > I have succesfully setup cyrus with virtual domains, > > I use sasl with pam for the authentication, > > pam use ldap and use the email adress of the user as pam_login_attribute > > ( pam_login_attribute mail in /etc/ldap.conf ). > > > > When I run the command testsaslauthd -u bill@xxxxxxxx -p password, it > > returns 0: OK "Success." > > > > When I want to perform a login on cyrus, it fails here is the log : > > Sep 7 15:50:40 imaptest pop3[5130]: badlogin: [192.168.34.208] plaintext > > bill@xxxxxxxx SASL(-13): authentication failure: checkpass failed. > > > > If I try to log on cyrus using bill@xxxxxxxx@truc.com, I can see this in > > the logs : > > Sep 7 15:52:30 imaptestfrontend1 pop3[5135]: login: [192.168.34.208] > > bill@xxxxxxxx@truc.com plaintext User logged in > > Sep 7 15:52:33 imaptestfrontend1 pop3[5135]: Unable to locate maildrop > > truc.com!: Invalid mailbox name > > > > The problem seems to be that when the user tries to authenticate, cyrus > > splits the login in two parts : the username and the domain, and tries to > > authenticate the user only with the local part of the mail adress. > > > > Is there anyway to telle cyrus not to split the login when passing the > > username to sasl ? > > > > I'm using cyrus-imapd 2.3.7. on a RedHat 5 EL. > > > > Here is my imapd.conf : > > > > configdirectory: /var/lib/imap > > partition-default: /var/spool/imap > > admins: cyrus > > sievedir: /var/lib/imap/sieve > > sendmail: /usr/sbin/sendmail > > hashimapspool: true > > sasl_pwcheck_method: saslauthd > > sasl_mech_list: PLAIN > > tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem > > tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem > > tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt > > > > virtdomains: userid > > Try starting saslauthd with the "-r" argument. > > Andy Thanks, it works now. As testsaslauthd was working, I didn't think saslauthd was the problem. - Guillaume Nadot System Engineer CIRB - CIBG ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
