Re: cyradm authentication error

2003-02-27 Thread kewilliams
Robert thanks for the help,

After changing the imapd.conf file as you directed (and rebooting to make sure the 
changes took affect), I still got the error when running "cyradm --user cyrus 
localhost."  I noticed in my auth.log file that the following messages occurred when 
trying to log in:

Feb 27 08:52:56 web01 perl: No worthy mechs found

I'm not sure what this means, but upon looking up this message in the archive I was 
told to use cyradm --user cyrus -auth login localhost.  This DID work.  I'm ASSUMING 
this means I am trying to login in via plaintext instead of DIGEST-MD5.  (I have no 
clue why it won't work via DIGEST-MD5).  I was able to create a mailbox in my cyradm 
tool, but still got the following messages in my imapd.conf file:

Feb 27 08:56:03 web01 imapd[1229]: accepted connection
Feb 27 08:56:48 web01 imapd[1229]: badlogin: web01[127.0.0.1] PLAIN [SASL(-4): no 
mechanism available: security flags do not match required]
Feb 27 08:57:00 web01 imapd[1229]: badlogin: web01[127.0.0.1] plaintext cyrus 
SASL(-13): authentication failure: checkpass failed
Feb 27 08:57:10 web01 imapd[1229]: accepted connection
Feb 27 08:57:14 web01 imapd[1229]: login: web01[127.0.0.1] cyrus plaintext.

Why am I getting these error messages?  And as a newbie, I am COMPLETELY confused as 
to the differences between auxprop, saslauthd, login, and plain (those are the ones I 
have found so far...), and how they all relate regarding sasl2.  Does anyone know why 
I am getting these messages in my log files (specifically "no worthy mechs found" in 
my auth log, and "badlogin: web01[127.0.0.1] PLAIN..." in my imapd.log).

Also, is there any *good* documentation out there explaining the differences between 
these login mechanisms, and how they all relate?  I'd love to buy a good book on all 
this stuff!

Thanks in advance,

Kevin Williams

-- Original Message --
From: Robert Urban <[EMAIL PROTECTED]>
Date:  Thu, 27 Feb 2003 13:23:15 +0100

>
>Kevin Williams wrote:
>> My imapd.conf file looks as follows:
>> 
>> configdirectory: /var/imap
>> partition-default: /var/spool/imap
>> admins: cyrus root
>> sasl_pwcheck_method: saslauthd
>>
>> I can successfully authenticate using the imtest command.  When I
>> tried to use cyradm, I originally got a "can't locat
>> Cyrus/IMAP/Shell.pm in @INC.  I moved all necessary (I think)
>> folders from the folder they were installed in (/user/local/lib
>> instead of /user/lib) to be included in the path.  Now when I run
>> cyradm, the program just hangs and I get the following error in my
>> imapd.log file:
>> 
>> badlogin: web01[127.0.0.1] DOGEST-MD% [SASL(-13): authentication failure:
>> client response doesn't match what we generated].
>> 
>> When I enter the sasldblistuser2 command, I get the following:
>> [EMAIL PROTECTED]: userPassword.
>
>I had this problem too.  The answer is actually in the docs (install-auth),
>but it can take days before you find it :(  The whole authentication
>business is pretty badly documented, IMHO.
>
>use
>
>   sasl_pwcheck_method: auxprop
>
>in imapd.conf (which is the default) and both imtest and cyradm
>should used sasldb2.
>
>Rob Urban
>
>


cyradm authentication error

2003-02-26 Thread kewilliams
All,

I'm hoping someone can help me with this issue.  I have a new install with Redhat 8.0. 
 I used the sasl RPM 2.1.7-2.  I downloaded and installed cyrus imap version 2.1.12.

My imapd.conf file looks as follows:

configdirectory: /var/imap
partition-default: /var/spool/imap
admins: cyrus root
sasl_pwcheck_method: saslauthd

I can successfully authenticate using the imtest command.  When I tried to use cyradm, 
I originally got a "can't locat Cyrus/IMAP/Shell.pm in @INC.  I moved all necessary (I 
think) folders from the folder they were installed in (/user/local/lib instead of 
/user/lib) to be included in the path.  Now when I run cyradm, the program just hangs 
and I get the following error in my imapd.log file:

badlogin: web01[127.0.0.1] DOGEST-MD% [SASL(-13): authentication failure: client 
response doesn't match what we generated].

When I enter the sasldblistuser2 command, I get the following:
[EMAIL PROTECTED]: userPassword.

Would someone PLEASE help me with this problem?  I noticed a couple other postings 
with this error message, but no responses.

Thank you,

Kevin Williams