|
Hello,
I've execute testsaslauthd as cyrus user a it's OK [root log]# su - cyrus [cyrus1 ~]$ /usr/sbin/testsaslauthd -u test-adm -p password 0: OK "Success." On the other hand, I've done some test and I've execute imtest getting the following: # imtest -m plain 192.168.65.130 -a cyrus S: * OK Datadec-Online Cyrus IMAP4 v2.2.12-Invoca-RPM-2.2.12-19 server ready C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE S: C01 OK Completed C: A01 AUTHENTICATE PLAIN S: A01 NO encryption needed to use mechanism Authentication failed. generic failure Security strength factor: 0 . login test-adm password . OK User logged in C: Q01 LOGOUT Connection closed. =========log============== Feb 13 17:16:02 srv-vln-pre1 imap1[29801]: telling master 2 Feb 13 17:16:02 srv-vln-pre1 imap1[29801]: accepted connection Feb 13 17:16:02 srv-vln-pre1 imap1[29801]: telling master 3 Feb 13 17:16:02 srv-vln-pre1 master[24579]: service imap1 pid 29801 in READY state: now unavailable and in BUSY state Feb 13 17:16:02 srv-vln-pre1 master[24579]: service imap1 now has 1 ready workers Feb 13 17:16:02 srv-vln-pre1 master[24579]: service imap1 pid 29801 in BUSY state: now serving connection Feb 13 17:16:02 srv-vln-pre1 master[24579]: service imap1 now has 1 ready workers *Feb 13 17:16:02 srv-vln-pre1 imap1[29801]: badlogin: xmlfrwk.pre.datadec-online.com [192.168.65.130] PLAIN [SASL(-16): encryption needed to use mechanism: security flags do not match required] *Feb 13 17:16:11 srv-vln-pre1 imap1[29801]: login: xmlfrwk.pre.datadec-online.com [192.168.65.130] test-adm plaintext User logged in ========================== As you can see on the first try I get "badlogin" but when I try ". login test-adm password" I'm able to log in. Regards. > Date: Mon, 13 Feb 2012 09:49:45 -0600 > From: dwhite@xxxxxxx > To: magiza83@xxxxxxxxxxx > CC: info-cyrus@xxxxxxxxxxxxxxxxxxxx; awilliam@xxxxxxxxxxxxx > Subject: Re: Allow PLAIN login cyrus 2.2.12 > > On 02/13/12 16:02 +0100, Manel Gimeno Zaragozá wrote: > > > >Hello, > > > >I've tried adding "asterisk" lines but nothing changes: > > > >=====imapd.conf==== > >sasl_pwcheck_method: saslauthd > >sasl_mech_list: PLAIN > >*sasl_minimum_layer: 0 > > > >=====saslauthd.conf===== > >ldap_servers: ldap://ldap.ldaptest.com:389/ ldap://srv-ln-repli1.ldaptest:389/ > >ldap_search_base: ou=pre_test,dc=org > >ldap_bind_dn: cn=admin > >ldap_password: password > >ldap_scope: sub > >ldap_filter: (|(cn=%U@%d)(uid=%u)) > >*ldap_auth_method: plain > > > >I'm still not able to log in# > > > >#imtest -m plain 192.168.1.5 -a test-adm > > S: * OK Cyrus IMAP4 v2.2.12-Invoca-RPM-2.2.12-19 server ready > > C: C01 CAPABILITY > > S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE > > S: C01 OK Completed > > [Server did not advertise AUTH=PLAIN] > > Authentication failed. generic failure > > Security strength factor: 0 > > On 02/13/12 12:55 +0100, Manel Gimeno Zaragozá wrote: > >I can connect via testsaslauthd: > >#testsaslauthd -u test-adm -p password > > 0: OK "Success." > > > > Check your syslog for any errors (auth facility). Verify that the user > which imapd is running under has permissions to access the saslauthd mux. > One way to verify that is with: > > sudo -u cyrus testsaslauthd -u test-adm -p password > > You may need to set: > > sasl_saslauthd_path: </full/path/to/saslauthd/mux>/mux > > Within imapd.conf. But your logs will provide an appropriate error if that > option is needed. > > -- > Dan White Manel Gimeno Zaragoza magiza83@xxxxxxxxxxx > Date: Mon, 13 Feb 2012 09:49:45 -0600 > From: dwhite@xxxxxxx > To: magiza83@xxxxxxxxxxx > CC: info-cyrus@xxxxxxxxxxxxxxxxxxxx; awilliam@xxxxxxxxxxxxx > Subject: Re: Allow PLAIN login cyrus 2.2.12 > > On 02/13/12 16:02 +0100, Manel Gimeno Zaragozá wrote: > > > >Hello, > > > >I've tried adding "asterisk" lines but nothing changes: > > > >=====imapd.conf==== > >sasl_pwcheck_method: saslauthd > >sasl_mech_list: PLAIN > >*sasl_minimum_layer: 0 > > > >=====saslauthd.conf===== > >ldap_servers: ldap://ldap.ldaptest.com:389/ ldap://srv-ln-repli1.ldaptest:389/ > >ldap_search_base: ou=pre_test,dc=org > >ldap_bind_dn: cn=admin > >ldap_password: password > >ldap_scope: sub > >ldap_filter: (|(cn=%U@%d)(uid=%u)) > >*ldap_auth_method: plain > > > >I'm still not able to log in# > > > >#imtest -m plain 192.168.1.5 -a test-adm > > S: * OK Cyrus IMAP4 v2.2.12-Invoca-RPM-2.2.12-19 server ready > > C: C01 CAPABILITY > > S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE > > S: C01 OK Completed > > [Server did not advertise AUTH=PLAIN] > > Authentication failed. generic failure > > Security strength factor: 0 > > On 02/13/12 12:55 +0100, Manel Gimeno Zaragozá wrote: > >I can connect via testsaslauthd: > >#testsaslauthd -u test-adm -p password > > 0: OK "Success." > > > > Check your syslog for any errors (auth facility). Verify that the user > which imapd is running under has permissions to access the saslauthd mux. > One way to verify that is with: > > sudo -u cyrus testsaslauthd -u test-adm -p password > > You may need to set: > > sasl_saslauthd_path: </full/path/to/saslauthd/mux>/mux > > Within imapd.conf. But your logs will provide an appropriate error if that > option is needed. > > -- > Dan White |
---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
