Re: mupdatetest works, but the deamons cant connect

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



i totally missed to mention that the old machine is a fedora8 and the
new centOS 5.1 OS.
On Mon, Feb 4, 2008 at 2:25 PM, rupert <rupertt@xxxxxxxxx> wrote:
> i compared both logins, and the x64 machine doesnt offer anything when
>  i dont use a certificate.
>  also when I log in, the autocreate mailbox says cant "connect" to the
>  mupdate server, but tcpdump shows me a connection on the right port,
>  and when I change the listen="mupdate" to something silly, it says it
>  cant "find" the mupdate server at all
>  here are my imtests
>
>  works not
>  ---
>   imtest  backend-A1 -a cyrus-backend -w backend -m PLAIN
>
>  S: * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
>  MUPDATE=mupdate://mupdater-A1/ STARTTLS LOGINDISABLED]
>  backend-A1.bla1.mailcluster Cyrus IMAP4 (Murder)
>  v2.3.7-Invoca-RPM-2.3.7-1.1.el5 server ready
>  C: C01 CAPABILITY
>  S: * CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
>  MUPDATE=mupdate://mupdater-A1/ STARTTLS LOGINDISABLED ACL RIGHTS=kxte
>  QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT
>  CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT
>  THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT
>  LIST-SUBSCRIBED X-NETSCAPE URLAUTH
>  S: C01 OK Completed
>  C: A01 AUTHENTICATE PLAIN
>  S: A01 NO mechanism too weak for this user
>  Authentication failed. generic failure
>  Security strength factor: 0
>
>
>  works:
>  --
>  imtest  backend-A1 -a cyrus-backend -w backend -m PLAIN -t
>  /etc/pki/cyrus-imapd/server.pem
>
>  S: * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
>  MUPDATE=mupdate://mupdater-A1/ STARTTLS LOGINDISABLED]
>  backend-A1.bla1.mailcluster Cyrus IMAP4 (Murder)
>  v2.3.7-Invoca-RPM-2.3.7-1.1.el5 server ready
>  C: C01 CAPABILITY
>  S: * CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
>  MUPDATE=mupdate://mupdater-A1/ STARTTLS LOGINDISABLED ACL RIGHTS=kxte
>  QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT
>  CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT
>  THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT
>  LIST-SUBSCRIBED X-NETSCAPE URLAUTH
>  S: C01 OK Completed
>  C: S01 STARTTLS
>  S: S01 OK Begin TLS negotiation now
>  verify error:num=18:self signed certificate
>  TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits)
>  C: C01 CAPABILITY
>  S: * CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
>  MUPDATE=mupdate://mupdater-A1/ AUTH=PLAIN SASL-IR ACL RIGHTS=kxte
>  QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT
>  CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT
>  THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT
>  LIST-SUBSCRIBED X-NETSCAPE URLAUTH
>  S: C01 OK Completed
>  C: A01 AUTHENTICATE PLAIN AGN5cnVzLWJhY2tlbmQAYmFja2VuZA==
>  S: A01 OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
>  MUPDATE=mupdate://mupdater-A1/ LOGINDISABLED ACL RIGHTS=kxte QUOTA
>  MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN
>  MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT
>  THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT
>  LIST-SUBSCRIBED X-NETSCAPE URLAUTH] Success (tls protection)
>  Authenticated.
>  Security strength factor: 256
>
>
>  works on old machine
>  --
>   imtest backend -u ralf@xxxxxxxxxx -a ralf@xxxxxxxxxx -m PLAIN -w ralf
>
>  S: * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
>  MUPDATE=mupdate://mupdate.test.local/ STARTTLS AUTH=PLAIN SASL-IR]
>  backend.test.local Cyrus IMAP4 (Murder) v2.3.9-Fedora-RPM-2.3.9-7.fc8
>  server ready
>  C: C01 CAPABILITY
>  S: * CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
>  MUPDATE=mupdate://mupdate.test.local/ STARTTLS AUTH=PLAIN SASL-IR ACL
>  RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME
>  UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ
>  THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE
>  CONDSTORE IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE URLAUTH
>  S: C01 OK Completed
>  C: A01 AUTHENTICATE PLAIN cmFsZkBibHViLmxvY2FsAHJhbGZAYmx1Yi5sb2NhbAByYWxm
>  S: A01 OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
>  MUPDATE=mupdate://mupdate.test.local/ LOGINDISABLED ACL RIGHTS=kxte
>  QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT
>  CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT
>  THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT
>  LIST-SUBSCRIBED X-NETSCAPE URLAUTH] Success (no protection)
>  Authenticated.
>  Security strength factor: 0
>
>
>
>  On Mon, Feb 4, 2008 at 9:23 AM, rupert <rupertt@xxxxxxxxx> wrote:
>  > Hello,
>  >  i transfered my murder from some x86 VM machine to some real x64
>  >  machines, and I cant get the frontend/backend and mupdate servers to
>  >  talk to each others.
>  >  imtest only works with the -t option. I use pam and a mysql DB with
>  >  hashed paswords.
>  >  Local testsaslauth works and also i can do a mupdatest with the same
>  >  parameters as in the imapd.conf.
>  >
>  >  on the frontend I have these messages repeating,
>  >
>  >  08:21:00 frontend-A1 mupdate[5198]: couldn't connect to mupdate server
>  >  Feb  4 08:21:00 frontend-A1 mupdate[5198]: retrying connection to
>  >  mupdate server in 25 seconds
>  >  Feb  4 08:21:12 frontend-A1 mupdate[5196]: couldn't authenticate to
>  >  backend server: no mechanism available
>  >
>  >  also I can find this line
>  >
>  >  frontend-A1 saslauthd[1617]: pam_unix_acct(imap:account): could not
>  >  identify user (from getpwnam(albert@xxxxxxxxxx))
>  >
>  >  looks like pam tries to look for a local user?
>  >
>  >  Since I am using as mech only PLAIN, how can I force the deamons to
>  >  use TLS to talk to each other?
>  >
>  >
>  >  cheers
>  >
>  >  rupertt
>  >
>
>  thx ()
>
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

[Index of Archives]     [Cyrus SASL]     [Squirrel Mail]     [Asterisk PBX]     [Video For Linux]     [Photo]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux