On 12-08-20 03:29 PM, Dan White wrote: > On 08/19/12 19:39 -0400, brian wrote: >> I'm having some trouble configuring SASL for a new server. Specifically, >> it seems, with realms. I'm now at the point where imtest works with the >> virtual domains but not with the default domain. >> >> I'm using sasldb through auxprop. In the past I've always done: >> >> saslpasswd2 -c username@xxxxxxxxxx > > Does imtest authentication work if you leave out the domain? No. Same result, same log msg. > Will your postfix users be logging in with a fully qualified username? If > so, consider forgoing a defaultdomain within imapd.conf. Yes. And that's why I'd left that blank at first. But then I realised that the original server has it set. > Use 'smtptest' to test your postfix authentication. Authenticated. >> /etc/imapd.conf: >> >> loginrealms: DEFAULT.TLD VDOMAIN1.TLD VDOMAIN2.tld >> virtdomains: userid >> defaultdomain: DEFAULT.TLD # also tried this empty > > Note that if you created any mailboxes (in the default domain) while this > option was empty, they will likely be inaccessible now. You may need to > recreate them. They should show up in your filesystem without any domain > reference. And vice versa. Yes, they are not under the domain directory, but under the first letter of the users. I created a password entry for a non-existent mailbox: sudo /usr/sbin/saslpasswd2 -c -u VDOMAIN1.TLD foo And then: imtest -v -m plain -a foo@xxxxxxxxxxxx localhost Authenticated. Not what I would expect if Cyrus needs to find the mailbox in order to authenticate. Regardless, I deleted the default domain mailboxes, stopped Cyrus and made sure the directories were gone, commented defaultdomain, started Cyrus, and then created the mailboxes again. Authenticated! Thanks so much for pointing me in the right direction. ---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus