I am installing a Cyrus box with the following configuration:
Machine: Dual Xeon 2GHz, 1Gb RAM System: Debian GNU/Linux 3.0, Cyrus 2.1 (Backported) and SASL2 (Backported) Authentication: LDAP
I have created a cyrus user under LDAP directory and the PAM modules has been set up to lib_ldap.so. When I try a "testsaslauthd -u cyrus -p [hidden]" I get a Sucess status, however, a "cyradm -u cyrus localhost" doesn't work.
This is because cyradm will pick the most secure authentication mechanism that the server advertises (e.g. DIGEST-MD5), and all of the non-plaintext mechanisms require that you have the user's secret stored in an auxprop plugin backend (e.g. sasldb). If you only want to use plaintext passwords via saslauthd, set your imapd.conf options to:
sasl_mech_list: PLAIN LOGIN sasl_pwcheck_method: saslauthd
Alternatively, OpenLDAP 2.1.x includes an auxprop plugin, which would allow you use any SASL mech with your LDAP installation.
-- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
