Rich Wales wrote, at 11/14/2007 06:13 PM: > It looks like my problem with replication not working in one direction > was a SASL thing. One of my servers was advertising GSSAPI as an > authentication mechanism, but it didn't really work (I don't have > Kerberos installed on my systems). Apparently, sync_client on the > other box was deciding to use GSSAPI, but was giving up because it > wasn't actually functional. > > I fixed the problem by moving the libgss* libraries out of the SASL2 > library directory. > > While I was at it, I also moved the libntlm* and libotp* libraries > out of the SASL2 library directory, since I'm not using either of > these authentication methods either. > > I'm mildly concerned that a future software upgrade might cause these > libraries to reappear. Is there a more reliable way to disable SASL > authentication mechanisms, other than removing files from the library > directory? I don't use replication, but for normal authentication, I'm able to specify which mechanisms are advertised by including this in imapd.conf: sasl_mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5 Maybe this (or some variation) will also work for replication, and you can leave the libraries in place. ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
