Hi this was very helpful: sasl_auxprop_plugin: sasldb But is works only in combination with: sasl_pwcheck_method: saslauth I can now log in to default domain as user password via Windows live mail (WLM) and send/receive e-mails. And I a succeed on testsaslauthd. However, the user in sasldb with name info@xxxxxxxxxxx cannot login. in /etc/default/saslauthd START=yes MECHANISMS="sasldb" THREADS=5 OPTIONS="-c -m /var/run/saslauthd -rVd" root@srv01:~# sasldblistusers2 cyrus@srv01: userPassword info@xxxxxxxxxxx: userPassword andrey@srv01: userPassword root@srv01:~#testsaslauthd -u info@xxxxxxxxxxx -p Pa77w0rd 0: NO "authentication failed" Debug: root@srv01:~# service saslauthd restart * Stopping SASL Authentication Daemon saslauthd [ OK ] * Starting SASL Authentication Daemon saslauthd saslauthd[8891] :main : num_procs : 5 saslauthd[8891] :main : mech_option: NULL saslauthd[8891] :main : run_path : /var/run/saslauthd saslauthd[8891] :main : auth_mech : sasldb saslauthd[8891] :cache_alloc_mm : mmaped shared memory segment on file: /var/run/saslauthd/cache.mmap saslauthd[8891] :cache_init : bucket size: 96 bytes saslauthd[8891] :cache_init : stats size : 36 bytes saslauthd[8891] :cache_init : timeout : 28800 seconds saslauthd[8891] :cache_init : cache table: 985828 total bytes saslauthd[8891] :cache_init : cache table: 1711 slots saslauthd[8891] :cache_init : cache table: 10266 buckets saslauthd[8891] :cache_init_lock : flock file opened at /var/run/saslauthd/cache.flock saslauthd[8891] :ipc_init : using accept lock file: /var/run/saslauthd/mux.accept saslauthd[8891] :detach_tty : master pid is: 0 saslauthd[8891] :ipc_init : listening on socket: /var/run/saslauthd/mux saslauthd[8891] :main : using process model saslauthd[8891] :have_baby : forked child: 8892 saslauthd[8892] :get_accept_lock : acquired accept lock saslauthd[8891] :have_baby : forked child: 8893 saslauthd[8891] :have_baby : forked child: 8894 saslauthd[8891] :have_baby : forked child: 8895 saslauthd[8892] :rel_accept_lock : released accept lock saslauthd[8892] :cache_get_rlock : attempting a read lock on slot: 1130 saslauthd[8892] :cache_lookup : [login=info@xxxxxxxxxxx] [service=] [realm=imap]: not found, update pending saslauthd[8892] :cache_un_lock : attempting to release lock on slot: 1130 saslauthd[8893] :get_accept_lock : acquired accept lock saslauthd[8892] :do_auth : auth failure: [user=info@xxxxxxxxxxx] [service=imap] [realm=] [mech=sasldb] [reason=Unknown] saslauthd[8892] :do_request : response: NO I test it from WLM and got an error too... Thank you -----Oorspronkelijk bericht----- From: Dan White Sent: Friday, March 7, 2014 6:01 PM To: Andrey Cc: info-cyrus@xxxxxxxxxxxxxxxxxxxx Subject: Re: Ubuntu Server 13.10 | Postfix 2.10.2 | Cyrus 2.4.16 On 03/07/14 17:13 +0100, Andrey wrote: >Hi everyone, > >I am stack. I would like to use in my test environment virtual domains and >emails. > >I have 2 domains. The users from default domain i can via sasl and pam >authenticate without problem. I use in my mail software credentials like >user password. >Now I don’t want to use pam mechanism, but sasldb. See hereunder my >configs: > >/etc/default/saslauthd > >START=yes >MECHANISMS="sasldb" >MECH_OPTIONS="" >THREADS=5 saslauthd, with default compile options, does not contain support for sasldb. It is recommended to use the sasldb auxprop plugin in this scenario rather than saslauthd. Configure /etc/imapd.conf with: sasl_auxprop_plugin: sasldb sasl_pwcheck_method: auxprop >#chroot Postfix >OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd” > > >/etc/postfix/main.cf >#only sasl/virtual related config info! >mydomain = domain.tld >myhostname = mail.domain.tld >mydestination = mail.domain.tld, domain.tld, localhost.domain.tld, >localhost > >mailbox_transport = lmtp:unix:/var/run/cyrus/socket/lmtp Configure your postfix smtpd.conf with: auxprop_plugin: sasldb pwcheck_method: auxprop The sasldb database is typically contained in /etc, and not underneath underneath the Postfix chroot. Either disable chrooting of smtpd in /etc/postfix/master.cf, or configure an appropriate 'sasl_sasldb_path' in /etc/imapd.conf, and a 'sasldb_path' in your postfix smtpd.conf file. If you continue to chroot postfix, you will also need to specify the location of the sasldb database with 'saslpasswd2 -f <path>'. >/etc/imapd.conf >#only sasl/virtual related config info! >allowplaintext: yes >sasl_mech_list: PLAIN >loginrealms: domain.tld,domain2.tld >virtdomains: userid >defaultdomain: domain.tld >sasl_pwcheck_method: saslauthd >sasl_auto_transition: no > > >Then I did following steps: >saslpasswd2 -u domain.tld info >testsaslauthd -u info -r domain.tld -p Pa77w0rd >0: OK "Success." >testsaslauthd -u info@xxxxxxxxxx -p Pa77w0rd >0: NO "authentication failed" With saslauthd, you may wish to experiment with the '-r' option (/etc/default/saslauthd OPTIONS). -- Dan White ---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
