Re: Cyrus administration problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Aug 6, 2009 at 3:34 PM, Nybbles2Byte<nybbles2byte@xxxxxxxxx> wrote:
> Thanks but I am not sure how you are getting that conclusion from this
> wording in the manual.  As far as I can see it almost (but not quite) the
> reverse of what you are saying.
>

# man imapd.conf

virtdomains: off
      Enable virtual domain support.  If enabled, the user’s domain
will be determined by splitting a fully qualified userid at the  last
’@’  or ’%’  symbol.

userid refer to "login" user not reverse DNS.

fully qualified userid => johndoe@xxxxxxxxxxx (no dns lookup)
unqualified userid => johndoe (no dns lookup if
sasl_ldap_default_domain* or sasl_ldap_default_realm* and
defaultdomain is set)

* without sasl_ prefix at saslauthd.conf .

With saslauthd.conf:

ldap_default_realm: default.example.org
ldap_filter: (&(objectClass=inetOrgPerson)(mail=%U@%d))

Login with unqualified userid root makes query to
(&(objectClass=inetOrgPerson)(mail=root@xxxxxxxxxxxxxxxxxxx))

With "admins: root" root become global admin.

This example is to salsauthd with LDAP backhend.

> ----------------------------------------------------------------------------------
> Configuring Virtual Domains
> Introduction
>
> Virtual domains is the practice of hosting a service for more than one
> domain on one server. Cyrus IMAP has the ability to host IMAP/POP mailboxes
> for multiple domains (e.g. test@xxxxxxxxxxx and test@xxxxxxxxxxx) on a
> single server or Murder.
>
> In order to accomplish this, Cyrus needs to know which domain to look in
> when a mailbox is accessed. There are two ways in which Cyrus can determine
> the domain:
>
>     * Fully qualified userid - the client logs in with a userid containing
> the domain in which the user belongs (e.g test@xxxxxxxxxxx or
> test%example.net)
>     * IP address - the server looks up the domain based on the IP address of
> the receiving interface (useful for servers with multiple NICs or using IP
> aliasing)
>
> Both of these methods are active if the virtdomains option is set to on (or
> yes, 1, true) and can be used in conjunction with one another. If the
> virtdomains option is set to userid, then only the first method is used.
> Note that a fully qualified userid takes precedence over a domain obtained
> from the IP address.
> ----------------------------------------------------------------------------------
>

-- 
Reinaldo de Carvalho
http://korreio.sf.net
http://python-cyrus.sf.net

"Don't try to adapt the software to the way you work, but rather
yourself to the way the software works" (myself)
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html


[Index of Archives]     [Cyrus SASL]     [Squirrel Mail]     [Asterisk PBX]     [Video For Linux]     [Photo]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux