i totally missed to mention that the old machine is a fedora8 and the new centOS 5.1 OS. On Mon, Feb 4, 2008 at 2:25 PM, rupert <rupertt@xxxxxxxxx> wrote: > i compared both logins, and the x64 machine doesnt offer anything when > i dont use a certificate. > also when I log in, the autocreate mailbox says cant "connect" to the > mupdate server, but tcpdump shows me a connection on the right port, > and when I change the listen="mupdate" to something silly, it says it > cant "find" the mupdate server at all > here are my imtests > > works not > --- > imtest backend-A1 -a cyrus-backend -w backend -m PLAIN > > S: * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID > MUPDATE=mupdate://mupdater-A1/ STARTTLS LOGINDISABLED] > backend-A1.bla1.mailcluster Cyrus IMAP4 (Murder) > v2.3.7-Invoca-RPM-2.3.7-1.1.el5 server ready > C: C01 CAPABILITY > S: * CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID > MUPDATE=mupdate://mupdater-A1/ STARTTLS LOGINDISABLED ACL RIGHTS=kxte > QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT > CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT > THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT > LIST-SUBSCRIBED X-NETSCAPE URLAUTH > S: C01 OK Completed > C: A01 AUTHENTICATE PLAIN > S: A01 NO mechanism too weak for this user > Authentication failed. generic failure > Security strength factor: 0 > > > works: > -- > imtest backend-A1 -a cyrus-backend -w backend -m PLAIN -t > /etc/pki/cyrus-imapd/server.pem > > S: * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID > MUPDATE=mupdate://mupdater-A1/ STARTTLS LOGINDISABLED] > backend-A1.bla1.mailcluster Cyrus IMAP4 (Murder) > v2.3.7-Invoca-RPM-2.3.7-1.1.el5 server ready > C: C01 CAPABILITY > S: * CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID > MUPDATE=mupdate://mupdater-A1/ STARTTLS LOGINDISABLED ACL RIGHTS=kxte > QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT > CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT > THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT > LIST-SUBSCRIBED X-NETSCAPE URLAUTH > S: C01 OK Completed > C: S01 STARTTLS > S: S01 OK Begin TLS negotiation now > verify error:num=18:self signed certificate > TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits) > C: C01 CAPABILITY > S: * CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID > MUPDATE=mupdate://mupdater-A1/ AUTH=PLAIN SASL-IR ACL RIGHTS=kxte > QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT > CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT > THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT > LIST-SUBSCRIBED X-NETSCAPE URLAUTH > S: C01 OK Completed > C: A01 AUTHENTICATE PLAIN AGN5cnVzLWJhY2tlbmQAYmFja2VuZA== > S: A01 OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID > MUPDATE=mupdate://mupdater-A1/ LOGINDISABLED ACL RIGHTS=kxte QUOTA > MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN > MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT > THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT > LIST-SUBSCRIBED X-NETSCAPE URLAUTH] Success (tls protection) > Authenticated. > Security strength factor: 256 > > > works on old machine > -- > imtest backend -u ralf@xxxxxxxxxx -a ralf@xxxxxxxxxx -m PLAIN -w ralf > > S: * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID > MUPDATE=mupdate://mupdate.test.local/ STARTTLS AUTH=PLAIN SASL-IR] > backend.test.local Cyrus IMAP4 (Murder) v2.3.9-Fedora-RPM-2.3.9-7.fc8 > server ready > C: C01 CAPABILITY > S: * CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID > MUPDATE=mupdate://mupdate.test.local/ STARTTLS AUTH=PLAIN SASL-IR ACL > RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME > UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ > THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE > CONDSTORE IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE URLAUTH > S: C01 OK Completed > C: A01 AUTHENTICATE PLAIN cmFsZkBibHViLmxvY2FsAHJhbGZAYmx1Yi5sb2NhbAByYWxm > S: A01 OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID > MUPDATE=mupdate://mupdate.test.local/ LOGINDISABLED ACL RIGHTS=kxte > QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT > CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT > THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT > LIST-SUBSCRIBED X-NETSCAPE URLAUTH] Success (no protection) > Authenticated. > Security strength factor: 0 > > > > On Mon, Feb 4, 2008 at 9:23 AM, rupert <rupertt@xxxxxxxxx> wrote: > > Hello, > > i transfered my murder from some x86 VM machine to some real x64 > > machines, and I cant get the frontend/backend and mupdate servers to > > talk to each others. > > imtest only works with the -t option. I use pam and a mysql DB with > > hashed paswords. > > Local testsaslauth works and also i can do a mupdatest with the same > > parameters as in the imapd.conf. > > > > on the frontend I have these messages repeating, > > > > 08:21:00 frontend-A1 mupdate[5198]: couldn't connect to mupdate server > > Feb 4 08:21:00 frontend-A1 mupdate[5198]: retrying connection to > > mupdate server in 25 seconds > > Feb 4 08:21:12 frontend-A1 mupdate[5196]: couldn't authenticate to > > backend server: no mechanism available > > > > also I can find this line > > > > frontend-A1 saslauthd[1617]: pam_unix_acct(imap:account): could not > > identify user (from getpwnam(albert@xxxxxxxxxx)) > > > > looks like pam tries to look for a local user? > > > > Since I am using as mech only PLAIN, how can I force the deamons to > > use TLS to talk to each other? > > > > > > cheers > > > > rupertt > > > > thx () > ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
