> I have testtesttest in the loginrealms and it does not work ! Even > without unixhierarchysep. I cannot login to > user.testtesttest@testtesttest with login testtesttest@testtesttest !
How are you testing authentication? This is where I start questioning the fact that no messages (from your earlier snippet) are being printed about what SASL is attempting to authenticate the end user. Even though it's not the full [EMAIL PROTECTED] account name you were thinking of "testtesttest" as a login realm should work. > > The unix hierarchy separator is key here because you > > want to have a "." in the username. > > > > I think this would do it. But how to enable that in 2.0.16 ? It's probably only available as a patch in the 2.0.x series (I'm not to keen on exactly which versions had what features). Your other choice is to skip 2.1 and jump into 2.2 available from CVS. Since you're already compiling your cyrus (as opposed to prepackaged binary) and you want virtual domains support (and willing to go to great lengths to get it), I'd suggest getting the 2.2 branch which has native virtual domain support built into it. There are a few ppl on the list who have been running the 2.2 branch for a couple weeks now and don't seem to be having any problems with it at all. That's the end of what I can offer you. It seems to me that you have everything configured right at least with what we've talked about. Even without the unixhierarchy separator you should be able to login as testtesttest@testtestest. The fact that you can't do that leads me to suspect A) misconfigured SASL, or B) operator error in authentication test. But I don't have anything conclusive either way. I do know that there are many of us who have the setup your looking to create, I just don't see what's going wrong in your environment. -- Michael --