Password policy: Cyrus+pam_smb_auth on Solaris 8

Fri, 15 Jun 2001 02:27:27 -0700 

Perhaps I have the answer of my previous message sent to the list.
For the password management I can use our NT4 PDC...

I reconfigured  cyrus-sasl with the following options:
./configure --with-dblib=berkeley --disable-gssapi --disable-krb4
--with-pam=/usr/lib/security -disable-digest

And I reconfigured cyrus-imapd this way, adding the --with-pwcheck=pam
option:
./configure  --prefix=/usr/local/cyrus --with-auth=unix --with-pwcheck=pam
--without-krb --enable-netscapehack --with-ucdsnmp=/usr/local/snmpd
--with-dbdir=/usr/local/BerkeleyDB.3.2 --with-sasldir=/usr/local
--with-openssl=/usr/local/openssl

Then I compiled and installed pam_smb_auth v.1.1.6 and I copied it under
/usr/lib/security as pam_smb_auth.so.1 (linked in the same directory also as
pam_smb_auth.so).

I created the file /etc/pam_smb.conf adding the domain + PDC + BDC:
<DOMAIN>
<host1>
<host2>

Then I edited the file /etc/pam.conf adding the lines related to imap and
pop3:
imap    auth required /usr/lib/security/pam_smb_auth.so.1 debug
pop3    auth required /usr/lib/security/pam_smb_auth.so.1 debug

(I tried also with other options instead of debug, as nolocal and
use_first_pass, but without success).


Then I edited the /etc/imapd.conf:
configdirectory: /data/imap
partition-default: /data/spool/imap
admins: cyrus root
allowanonymouslogin: no
quotawarn: 90
sasl_pwcheck_method: pam
# Mods. by VM for SSL Support, 01/06/2001
tls_cert_file: /data/imap/server.pem
tls_key_file: /data/imap/server.pem


I cannot logon on the imap server and these are the errors reported:

from the imapd.log
...
Jun 15 10:16:29 uxs03 imapd[3382]: [ID 921384 local6.debug] accepted
connection
Jun 15 10:16:29 uxs03 imapd[3382]: [ID 427203 local6.debug]
pam_authenticate: error Can not retrieve authentication info
Jun 15 10:16:35 uxs03 last message repeated 2 times
...


from the auth.log
...
Jun 15 10:16:29 uxs03 imapd[3382]: [ID 498107 auth.debug] pam_smb: Local
UNIX username/password check incorrect.
Jun 15 10:16:29 uxs03 imapd[3382]: [ID 562731 auth.debug] pam_smb:
Configuration Data, Primary <host1>, Backup <host2>, Domain <DOMAIN>.
Jun 15 10:16:38 uxs03 IMP[138]: [ID 800047 auth.notice] FAILED 10.162.36.176
to localhost:143 as avm018
...


What I' missing?

Thanks for any help,

Vito

Reply via email to