Re: cyrus mailbox authentication changing from NIS to LDAP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 09/18/15 15:48 +0100, Sunny wrote:
>Hi,
>
>I've inherited a cyrus mail server and I'm currently learning how it's 
>setup and would like some advice changing from a NIS to LDAP 
>authentication.
>
>At the moment, the imap server uses NIS to authenticate ssh 
>connections and I believe to also authenticate users to their 
>mailboxes
>
>imapd.conf
>sasl_pwcheck_method: *saslauthd*
>sasl_mech_list: PLAIN
>
>/etc/sysconfig/saslauthd
>MECH=*pam*
>
>From the above output I believe that cyrus will use the pam service to 
>lookup authentication information to authenticate a users cyrus 
>mailbox.

Correct.

>I want the imap server to use LDAP (via sssd) for ssh authentication 
>and authenticating users to their mailboxes.
>
>If I configure the mail server to use sssd (also stop NIS) and update 
>/etc/pam.d/system-auth with the required pam_sss.so entries, does 
>anyone know or have experience if this change will allow users to 
>authenticate to their mailboxes using LDAP?

Do you have imap/pop/etc. specific pam configuration (e.g.
/etc/pam.d/imap)?

If not, then it's likely that be all you need to do, with regards to cyrus
services.

As a test, you could created a dummy service pam configuration, such as
/etc/pam.d/willthiswork, with your ldap/sssd configuration, then then run
testsaslauthd with '-s willthiswork ...'.

-- 
Dan White
----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus




[Index of Archives]     [Cyrus SASL]     [Squirrel Mail]     [Asterisk PBX]     [Video For Linux]     [Photo]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux