I cannot get the cyrus user to authenticate using either imtest or cyradm. I can authenticate all other normal users using imtest.
I am using Simon's rpms for sasl and imap on RHES3. cyrus-sasl-2.1.17-2 cyrus-imapd-2.2.3-4 openldap-2.0.27-11 I am using LDAP authentication using saslauthd -ldap. The cyrus user in in the LDAP database as simpleSecurityObject which has uid and userPassword attributes. The password has been entered as clear,crypt and md5 and none work. Here are the outputs and config files ... user shelley ... an imap user works ... [EMAIL PROTECTED] text]# imtest -t "" -a shelley localhost S: * OK chipmunk.cabm.rutgers.edu Cyrus IMAP4 v2.2.3-Invoca-RPM-2.2.3-4 server ready C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE STARTTLS LISTEXT LIST-SUBSCRIBED X-NETSCAPE S: C01 OK Completed C: S01 STARTTLS S: S01 OK Begin TLS negotiation now verify error:num=18:self signed certificate TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits) C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE AUTH=PLAIN AUTH=LOGIN SASL-IR LISTEXT LIST-SUBSCRIBED X-NETSCAPE S: C01 OK Completed Please enter your password: C: A01 AUTHENTICATE PLAIN c2hlbGxleQBzaGVsbGV5AGxvbi8vbGF0 S: A01 OK Success (tls protection) Authenticated. Security strength factor: 256 C: Q01 LOGOUT Connection closed. user cyrus does not ... [EMAIL PROTECTED] text]# imtest -t "" -a cyrus localhost S: * OK chipmunk.cabm.rutgers.edu Cyrus IMAP4 v2.2.3-Invoca-RPM-2.2.3-4 server ready C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE STARTTLS LISTEXT LIST-SUBSCRIBED X-NETSCAPE S: C01 OK Completed C: S01 STARTTLS S: S01 OK Begin TLS negotiation now verify error:num=18:self signed certificate TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits) C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE AUTH=PLAIN AUTH=LOGIN SASL-IR LISTEXT LIST-SUBSCRIBED X-NETSCAPE S: C01 OK Completed Please enter your password: C: A01 AUTHENTICATE PLAIN Y3lydXMAY3lydXMAbnV0c0BjYWJt S: A01 NO authentication failure Authentication failed. generic failure Security strength factor: 256 Feb 23 11:53:50 chipmunk saslauthd[21680]: do_auth : auth failure: [user=cyrus] [service=imap] [realm=] [mech=ldap] [reason=Unknown] Feb 23 11:53:50 chipmunk imap[21637]: Password verification failed [EMAIL PROTECTED] text]# cyradm -u cyrus -a plain localhost Password: IMAP Password: Login failed: authentication failure at /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi/Cyrus/IMAP/Admin.pm line 118 cyradm: cannot authenticate to server with plain as cyrus Feb 23 11:54:48 chipmunk perl: No worthy mechs found Feb 23 11:54:52 chipmunk saslauthd[21681]: do_auth : auth failure: [user=cyrus] [service=imap] [realm=] [mech=ldap] [reason=Unknown] I am confused here - why does it ask twice for a password???????????? [EMAIL PROTECTED] etc]# more saslauthd.conf ldap_servers: ldap://localhost/ ldap_search_base: dc=cabm.rutgers,dc=edu ldap_bind_dn: cn=chipmunk,dc=cabm.rutgers,dc=edu ldap_bind_pw: xxxxx ldap_version: 3 ldap_timeout: 5 ldap_timelimit: 5 ldap_restart: yes ldap_scope: sub ldap_search_base: dc=cabm.rutgers,dc=edu ldap_auth_method: bind #ldap_filter: (|(uid=%u)(mail=%u)(alias=%u)) ldap_filter: (uid=%u) ldap_debug: 9 ldap_verbose: 1 ldap_ssl: no [EMAIL PROTECTED] etc]# more imapd.conf configdirectory: /usr/cyrus/imap partition-default: /usr/cyrus/spool/imap admins: cyrus sievedir: /usr/sieve sendmail: /usr/sbin/sendmail hashimapspool: true sasl_pwcheck_method: saslauthd sasl_mech_list: PLAIN LOGIN MD5 #tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem tls_cert_file: /usr/share/ssl/certs/server.pem #tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem tls_key_file: /usr/share/ssl/certs/server.pem #tls_ca_file: /usr/share/ssl/certs/ca-bundle.crt A clue as to what I am doing wrong is appreciated. I have seen similar threads, but no resolution. Shelley Waltz --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html