RE: Cyrus imap, virtual domains and ldap authentication
> I have never used virtual domains so I don't know about that. I'm using > both methods in different configurations and they both work well. However, > I think for virtual domains, you have to use 'sasl_pwcheck_method: ldap' > because pam doesn't handle what you want. > > Simon Hi Simon, Your Cyrus rpms are very much appreciated thank's very much. Well I appear to have virtual domains working on redhat 9. This is what I did. I got the cyrus-sasl rpms from Fedora Core 1 and rebuilt them on Redhat 9 with ldap support added in (it's off by default). Changed the saslauthd mech from shadow to ldap. Created /etc/saslauthd.conf ldap_servers: ldap://127.0.0.1 ldap_bind_dn: cn=Manager,dc=domain,dc=net ldap_bind_pw: supersecret ldap_scope: sub ldap_search_base: dc=domain,dc=net ldap_auth_method: bind --- Used saslauthd in /etc/imapd.conf #sasl_pwcheck_method: auxprop sasl_pwcheck_method: saslauthd sasl_mech_list: PLAIN default_domain: unused.domain.net I have different ou's for each domain in my ldap server and each user has a [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] Now I just have to go through and tighten up the security ;-) John --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyrus imap, virtual domains and ldap authentication
> > cyrus-imapd-utils-2.2.3 > cyrus-imapd-2.2.3 > cyrus-sasl-2.1.15 > > Hi, > > I have a cyrus imap server with virtual domains authenticating against > sasldb2 thats been running sucessfully for several weeks now (Thanks to > Simon Matters rpms) and I'd like to convert to authenticating against my > LDAP server. I've "Googled until my fingers bled" (quote stolen from a > google search) and I'm totaly confused about how to go about it. > > So I'm looking for some tips/pointers about how to go about it. > > I've seen references to useing either of "sasl_pwcheck_method: saslauthd" > or > "sasl_pwcheck_method: ldap" in imapd.conf. Which should I use and then > what > else do I need? I have never used virtual domains so I don't know about that. I'm using both methods in different configurations and they both work well. However, I think for virtual domains, you have to use 'sasl_pwcheck_method: ldap' because pam doesn't handle what you want. Simon > > Regards John > > --- > Cyrus Home Page: http://asg.web.cmu.edu/cyrus > Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html > --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Cyrus imap, virtual domains and ldap authentication
cyrus-imapd-utils-2.2.3 cyrus-imapd-2.2.3 cyrus-sasl-2.1.15 Hi, I have a cyrus imap server with virtual domains authenticating against sasldb2 thats been running sucessfully for several weeks now (Thanks to Simon Matters rpms) and I'd like to convert to authenticating against my LDAP server. I've "Googled until my fingers bled" (quote stolen from a google search) and I'm totaly confused about how to go about it. So I'm looking for some tips/pointers about how to go about it. I've seen references to useing either of "sasl_pwcheck_method: saslauthd" or "sasl_pwcheck_method: ldap" in imapd.conf. Which should I use and then what else do I need? Regards John --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html