Re: imap and ldap
Oke I tried to reconfigure cyrus-sasl with the following options --with-ldap=/etc/ldap (because I had to give a directory) Everything was going fine, no errors during the installation but when I executed the command saslauthd -v I get the same options. saslauthd 2.1.15 authentication mechanisms: getpwent rimap shadow I'm sure you've checked all these, but just in case: - did you run make install? - is the install path on your PATH? - do you already have a system-provided cyrus-sasl installed? If the latter, it's quite likely that the saslauthd from that package is found before the one you compiled and installed. Try 'which saslauthd' to see which command your shell is excuting. Alternately, try explicitly running saslauthd with a full, explicit path. Craig Ringer
Re: imap and ldap
On Thu, 11 Dec 2003, Rob Siemborski wrote: > On Thu, 11 Dec 2003, Alain Williams wrote: > > > Tweak master.c (version 1.82), starting line 138, insert: > > #include > > > > int allow_severity = LOG_DEBUG; > > int deny_severity = LOG_ERR; > > I'm unclear why you needed to do this, since master doesn't link > tcpwrappers, only the cyrus services do. > This is needed for ucd-snmpd 4.2.6 compiled with tcpwrappers and possibly a few earlier revisions. It has tcpwrapper support in agentx. Index: master.c === RCS file: /cvs/src/cyrus/master/master.c,v retrieving revision 1.85 diff -u -r1.85 master.c --- master.c22 Oct 2003 18:50:14 - 1.85 +++ master.c11 Dec 2003 22:18:51 - @@ -39,7 +39,7 @@ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: master.c,v 1.85 2003/10/22 18:50:14 rjs3 Exp $ */ +/* $Id: master.c,v 1.67.4.26 2003/10/17 20:37:42 rjs3 Exp $ */ #include @@ -91,6 +91,10 @@ #include #include "cyrusMasterMIB.h" + +int allow_severity = LOG_DEBUG; +int deny_severity = LOG_ERR; + #endif #include "masterconf.h" > Could you expand on what errors you were getting, and what commands were > causing them? > > Also, writing documentation is great. Either post what you did to the > wiki or send us patches for the documentation we distributed. > > -Rob > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 > Research Systems Programmer * /usr/contributed Gatekeeper > > -- Igor
Re: imap and ldap
On Thu, 11 Dec 2003, Igor Brezac wrote: > This is needed for ucd-snmpd 4.2.6 compiled with tcpwrappers and possibly > a few earlier revisions. It has tcpwrapper support in agentx. Ah, ok, committed. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Re: imap and ldap
On Thu, Dec 11, 2003 at 05:02:42PM -0500, Rob Siemborski wrote: > On Thu, 11 Dec 2003, Alain Williams wrote: > > > Tweak master.c (version 1.82), starting line 138, insert: > > #include > > > > int allow_severity = LOG_DEBUG; > > int deny_severity = LOG_ERR; > > I'm unclear why you needed to do this, since master doesn't link > tcpwrappers, only the cyrus services do. > > Could you expand on what errors you were getting, and what commands were > causing them? > > Also, writing documentation is great. Either post what you did to the > wiki or send us patches for the documentation we distributed. I shall complete what I am doing and then write it all up from the notes that I have. A couple of weeks time. -- Alain Williams #include FATHERS-4-JUSTICE - Campaigning for equal rights for parents and the best interests of our children. See http://www.fathers-4-justice.org
Re: imap and ldap
On Thu, 11 Dec 2003, Alain Williams wrote: > Tweak master.c (version 1.82), starting line 138, insert: > #include > > int allow_severity = LOG_DEBUG; > int deny_severity = LOG_ERR; I'm unclear why you needed to do this, since master doesn't link tcpwrappers, only the cyrus services do. Could you expand on what errors you were getting, and what commands were causing them? Also, writing documentation is great. Either post what you did to the wiki or send us patches for the documentation we distributed. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Re: imap and ldap
On Thu, Dec 11, 2003 at 10:32:33AM -0500, Igor Brezac wrote: > > On Thu, 11 Dec 2003, Geert Reijnders wrote: > > > Oke I tried to reconfigure cyrus-sasl with the following options > > --with-ldap=/etc/ldap (because I had to give a directory) > > It appears that saslauthd configure script cannot find openldap libs on > your system. Check saslauthd/config.log and search for LDAP. I have just installed & configured cyrus on a SuSE Linux box, I was going to put up a small write up, but here is some of it now. I had to: ln -s /usr/local/lib/sasl2 /usr/lib/sasl2 Tweak master.c (version 1.82), starting line 138, insert: #include int allow_severity = LOG_DEBUG; int deny_severity = LOG_ERR; I had a flirtation with kerberos (trying to authenticate off MS active directory) before giving up and moving to ldap. ln -s /etc/saslauthd.conf /usr/local/etc/saslauthd.conf That file containing: # Config file for SASL with ldap # ADDW - December 2003 # The 2 ldap servers on the main site: ldap_servers: ldap://172.17.5.1:389/ ldap://172.17.5.2:389/ # This doesn't work, the servers don't appear to be listening to ldaps #ldap_servers: ldaps://172.17.5.1:636/ ldap_filter: SAMAccountName=%u ldap_version: 3 # Who we bind as - ie the user that we use to ask the question: ldap_bind_dn: cn=AccountName,ou=staff,dc=oaklands,dc=ac,dc=uk ldap_bind_pw: TopSecret # The ''domain'' within which we search: ldap_search_base: ou=students,ou=academic,DC=oaklands,dc=ac,dc=uk # end Thanks to Trey Tabner <[EMAIL PROTECTED]> for giving me this useful URL: http://www.bynari.net/Resellers/docs/bynari_ad_integration.txt One of the distributed files is: saslauthd/LDAP_SASLAUTHD I must admit, that I find the testing/verification side of authentication very difficult to do if things go wrong, there is little information that is given to help trace problems. There is also an assumption that you are intimate with the workings of your authentication mechanism. But I like Cyrus, which is why I will to document what I have done so that others can follow. -- Alain Williams #include FATHERS-4-JUSTICE - Campaigning for equal rights for parents and the best interests of our children. See http://www.fathers-4-justice.org
RE: imap and ldap
On Thu, 11 Dec 2003, Geert Reijnders wrote: > Oke I tried to reconfigure cyrus-sasl with the following options > --with-ldap=/etc/ldap (because I had to give a directory) It appears that saslauthd configure script cannot find openldap libs on your system. Check saslauthd/config.log and search for LDAP. -Igor > > Everything was going fine, no errors during the installation but when I executed the > command saslauthd -v > I get the same options. > > > saslauthd 2.1.15 > authentication mechanisms: getpwent rimap shadow > > I don't get it. Is it the version I use because with ldap is experimental in this > version I read in the help. > > Greets > Geert > > > > -Oorspronkelijk bericht- > Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Namens Laurent Larquère > Verzonden: donderdag 11 december 2003 15:31 > Aan: Geert Reijnders;[EMAIL PROTECTED] > Onderwerp: Re: imap and ldap > > > Hi > you must have a "ldap capable" saslauthd > > # saslauthd -v > saslauthd 2.1.17 > authentication mechanisms: getpwent pam rimap shadow ldap > > to obtain this, you have to configure --with-ldap > > > Geert Reijnders wrote: > > >Hi all > > > >Again I have a question. I want to setup a mail-server and the users > >must be retrieved from the ldap-server. I have heard from several people and read > >in several guides that it is possible with saslauthd -a ldap and put the following > >option in the imapd.conf: > >sasl_pwcheck_method: saslauthd > > > >But of course when I try to do that I get error messages. The first one > >is when I execute the command saslauthd -a ldap: > > > >saslauthd[285] :set_auth_mech : unknown authentication mechanism: ldap > > > >the solution is not by using pam because that is not an option in > >saslauthd. > > > >The second one is when I try to open a mailbox in outlook express. Then > >I get the messages that on line (the line where sasl_pwcheck_method is > >located) that the command is unknown. > > > >What am I missing or doing wrong? I hope anyone could help me. > > > >Thanks in advance > > > >Geert Reijnders > > > > > > > > > > > > > > > > -- Igor
RE: imap and ldap
On Thu, 11 Dec 2003, Geert Reijnders wrote: > Oke I tried to reconfigure cyrus-sasl with the following options > --with-ldap=/etc/ldap (because I had to give a directory) It appears that saslauthd configure script cannot find openldap libs on your system. Check saslauthd/config.log and search for LDAP. -Igor > > Everything was going fine, no errors during the installation but when I executed the > command saslauthd -v > I get the same options. > > > saslauthd 2.1.15 > authentication mechanisms: getpwent rimap shadow > > I don't get it. Is it the version I use because with ldap is experimental in this > version I read in the help. > > Greets > Geert > > > > -Oorspronkelijk bericht- > Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Namens Laurent Larquère > Verzonden: donderdag 11 december 2003 15:31 > Aan: Geert Reijnders;[EMAIL PROTECTED] > Onderwerp: Re: imap and ldap > > > Hi > you must have a "ldap capable" saslauthd > > # saslauthd -v > saslauthd 2.1.17 > authentication mechanisms: getpwent pam rimap shadow ldap > > to obtain this, you have to configure --with-ldap > > > Geert Reijnders wrote: > > >Hi all > > > >Again I have a question. I want to setup a mail-server and the users > >must be retrieved from the ldap-server. I have heard from several people and read > >in several guides that it is possible with saslauthd -a ldap and put the following > >option in the imapd.conf: > >sasl_pwcheck_method: saslauthd > > > >But of course when I try to do that I get error messages. The first one > >is when I execute the command saslauthd -a ldap: > > > >saslauthd[285] :set_auth_mech : unknown authentication mechanism: ldap > > > >the solution is not by using pam because that is not an option in > >saslauthd. > > > >The second one is when I try to open a mailbox in outlook express. Then > >I get the messages that on line (the line where sasl_pwcheck_method is > >located) that the command is unknown. > > > >What am I missing or doing wrong? I hope anyone could help me. > > > >Thanks in advance > > > >Geert Reijnders > > > > > > > > > > > > > > > > -- Igor
Re: imap and ldap
Hi, Did you compiled your own cyrus-sasl or used a third-party package ? If you compiled, did you used the "--with-ldap" switch to configure ? Do you have OpenLDAP and assorted libs installed ? On Thu, Dec 11, 2003 at 03:07:11PM +0100, Geert Reijnders wrote: > Hi all > > Again I have a question. I want to setup a mail-server and the users must be > retrieved from the ldap-server. I have heard from several people and read in several > guides that it is possible with saslauthd -a ldap and put the following option in > the imapd.conf: > sasl_pwcheck_method: saslauthd > > But of course when I try to do that I get error messages. The first one is when I > execute the command saslauthd -a ldap: > > saslauthd[285] :set_auth_mech : unknown authentication mechanism: ldap > > the solution is not by using pam because that is not an option in saslauthd. > > The second one is when I try to open a mailbox in outlook express. Then I get the > messages that on line (the line where sasl_pwcheck_method is located) that the > command is unknown. > > What am I missing or doing wrong? I hope anyone could help me. > > Thanks in advance > > Geert Reijnders > > > > > -- Etienne GoyerLinux Québec Technologies Inc. http://www.LinuxQuebec.com [EMAIL PROTECTED]
RE: imap and ldap
Oke I tried to reconfigure cyrus-sasl with the following options --with-ldap=/etc/ldap (because I had to give a directory) Everything was going fine, no errors during the installation but when I executed the command saslauthd -v I get the same options. saslauthd 2.1.15 authentication mechanisms: getpwent rimap shadow I don't get it. Is it the version I use because with ldap is experimental in this version I read in the help. Greets Geert -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Namens Laurent Larquère Verzonden: donderdag 11 december 2003 15:31 Aan: Geert Reijnders;[EMAIL PROTECTED] Onderwerp: Re: imap and ldap Hi you must have a "ldap capable" saslauthd # saslauthd -v saslauthd 2.1.17 authentication mechanisms: getpwent pam rimap shadow ldap to obtain this, you have to configure --with-ldap Geert Reijnders wrote: >Hi all > >Again I have a question. I want to setup a mail-server and the users >must be retrieved from the ldap-server. I have heard from several people and read in >several guides that it is possible with saslauthd -a ldap and put the following >option in the imapd.conf: >sasl_pwcheck_method: saslauthd > >But of course when I try to do that I get error messages. The first one >is when I execute the command saslauthd -a ldap: > >saslauthd[285] :set_auth_mech : unknown authentication mechanism: ldap > >the solution is not by using pam because that is not an option in >saslauthd. > >The second one is when I try to open a mailbox in outlook express. Then >I get the messages that on line (the line where sasl_pwcheck_method is located) >that the command is unknown. > >What am I missing or doing wrong? I hope anyone could help me. > >Thanks in advance > >Geert Reijnders > > > > > > > <>
Re: imap and ldap
> Hi all > > Again I have a question. I want to setup a mail-server and the users must > be retrieved from the ldap-server. I have heard from several people and > read in several guides that it is possible with saslauthd -a ldap and put > the following option in the imapd.conf: > sasl_pwcheck_method: saslauthd > > But of course when I try to do that I get error messages. The first one is > when I execute the command saslauthd -a ldap: > > saslauthd[285] :set_auth_mech : unknown authentication mechanism: ldap Did you compile your cyrus-sasl with ldap support? It looks like ldap support is missing. Simon > > the solution is not by using pam because that is not an option in > saslauthd. > > The second one is when I try to open a mailbox in outlook express. Then I > get the messages that on line (the line where sasl_pwcheck_method is > located) that the command is unknown. > > What am I missing or doing wrong? I hope anyone could help me. > > Thanks in advance > > Geert Reijnders > > > > > >
Re: imap and ldap
Hi you must have a "ldap capable" saslauthd # saslauthd -v saslauthd 2.1.17 authentication mechanisms: getpwent pam rimap shadow ldap to obtain this, you have to configure --with-ldap Geert Reijnders wrote: Hi all Again I have a question. I want to setup a mail-server and the users must be retrieved from the ldap-server. I have heard from several people and read in several guides that it is possible with saslauthd -a ldap and put the following option in the imapd.conf: sasl_pwcheck_method: saslauthd But of course when I try to do that I get error messages. The first one is when I execute the command saslauthd -a ldap: saslauthd[285] :set_auth_mech : unknown authentication mechanism: ldap the solution is not by using pam because that is not an option in saslauthd. The second one is when I try to open a mailbox in outlook express. Then I get the messages that on line (the line where sasl_pwcheck_method is located) that the command is unknown. What am I missing or doing wrong? I hope anyone could help me. Thanks in advance Geert Reijnders
