Re: cyrus-2.2.3 + cyrus-sasl + ldap problem
On Fri, 21 May 2004, Andrew B. Panphiloff wrote: > I have strange behaviour of cyrus-imapd and cyrus-sasl. > > imapd config : > > -- > tls_ca_file: /etc/ssl/cyrus.pem > tls_cert_file: /etc/ssl/cyrus.pem > tls_key_file: /etc/ssl/cyrus.pem > virtdomains: yes > defaultdomain: localhost > configdirectory: /var/imap > partition-default: /var/spool/imap > sievedir: /var/imap/sieve > altnamespace: no > unixhierarchysep: no > lmtp_downcase_rcpt: yes > admins: cyrus > allowanonymouslogin: no > popminpoll: 0 > autocreatequota: 10 > createonpost: yes > autocreateinboxfolders: Sent | Drafts | Templates | Trash > autosubscribeinboxfolders: Sent | Drafts > umask: 077 > sieveusehomedir: false > hashimapspool: true > allowplaintext: yes > sasl_mech_list: plain login > sasl_minimum_layer: 0 > sasl_pwcheck_method: saslauthd > sasl_auto_transition: no > tls_ca_path: /etc/ssl/certs > tls_session_timeout: 1440 > tls_cipher_list: TLSv1:SSLv3:SSLv2:!NULL:!EXPORT:!DES:!LOW:@STRENGTH > lmtpsocket: /var/run/cyrus/socket/lmtp > idlesocket: /var/run/cyrus/socket/idle > notifysocket: /var/run/cyrus/socket/notify > --- > > saslauthd.conf config: > > --- > ldap_servers: ldap://127.0.0.1 > ldap_bind_dn: cn=admin,o=8ka.mipt.ru > ldap_bind_pw: xxx > ldap_version: 3 > ldap_search_base: ou=Mail,o=8ka.mipt.ru > ldap_filter: mail=%u Change to ldap_filter: [EMAIL PROTECTED] and things will work. > why in first case saslauthd get "[EMAIL PROTECTED]" and "realm=" if you want to emulate imapd behavior, you need to 'testsaslauthd -u jeka -r 8ka.mipt.ru -p xxx' > but in second case it get "user=jeka" and "realm=8ka.mipt.ru" ? > How fix this behaviour ? libsasl splits fully qualified username before it is passed to saslauthd. An alternate fix is to download the cvs version of saslauthd and use -r option which reassembles fully qualified username before it is passed to authentication mechs. -- Igor --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyrus-2.2.3 + cyrus-sasl + ldap problem
On Fri, 21 May 2004, Andrew B. Panphiloff wrote: why in first case saslauthd get "[EMAIL PROTECTED]" and "realm=" but in second case it get "user=jeka" and "realm=8ka.mipt.ru" ? How fix this behaviour ? Because SASL treats everything after the @ sign as a 'realm'. You'll need to fix your filter accordingly (e.g. [EMAIL PROTECTED]) -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
cyrus-2.2.3 + cyrus-sasl + ldap problem
I have strange behaviour of cyrus-imapd and cyrus-sasl. imapd config : -- tls_ca_file: /etc/ssl/cyrus.pem tls_cert_file: /etc/ssl/cyrus.pem tls_key_file: /etc/ssl/cyrus.pem virtdomains: yes defaultdomain: localhost configdirectory: /var/imap partition-default: /var/spool/imap sievedir: /var/imap/sieve altnamespace: no unixhierarchysep: no lmtp_downcase_rcpt: yes admins: cyrus allowanonymouslogin: no popminpoll: 0 autocreatequota: 10 createonpost: yes autocreateinboxfolders: Sent | Drafts | Templates | Trash autosubscribeinboxfolders: Sent | Drafts umask: 077 sieveusehomedir: false hashimapspool: true allowplaintext: yes sasl_mech_list: plain login sasl_minimum_layer: 0 sasl_pwcheck_method: saslauthd sasl_auto_transition: no tls_ca_path: /etc/ssl/certs tls_session_timeout: 1440 tls_cipher_list: TLSv1:SSLv3:SSLv2:!NULL:!EXPORT:!DES:!LOW:@STRENGTH lmtpsocket: /var/run/cyrus/socket/lmtp idlesocket: /var/run/cyrus/socket/idle notifysocket: /var/run/cyrus/socket/notify --- saslauthd.conf config: --- ldap_servers: ldap://127.0.0.1 ldap_bind_dn: cn=admin,o=8ka.mipt.ru ldap_bind_pw: xxx ldap_version: 3 ldap_search_base: ou=Mail,o=8ka.mipt.ru ldap_filter: mail=%u --- when I tries test authentification with testsaslauthd all works ok ./testsaslauthd -u [EMAIL PROTECTED] -p xxx 0: OK "Success." ldap log: ==> ldbm_back_bind: dn: cn=admin,o=8ka.mipt.ru ldbm_cache_open (blksize 8192) (maxids 1022) (maxindirect 9) ldbm_cache_open (blksize 8192) (maxids 1022) (maxindirect 9) send_ldap_result: err=0 matched="" text="" connection_get(10) SRCH "ou=Mail,o=8ka.mipt.ru" 2 01 5 0 filter: ([EMAIL PROTECTED]) attrs: dn saslauthd log: saslauthd[6918] :do_auth : auth success: [EMAIL PROTECTED] [service=imap] [realm=] [mech=ldap] saslauthd[6918] :do_request : response: OK but when I tries test authentification with cyrus-imapd I get: Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. * OK sunduck Cyrus IMAP4 v2.2.3-Gentoo server ready 1 login [EMAIL PROTECTED] xxx 1 NO Login failed: authentication failure ldap log: ==> ldbm_back_bind: dn: cn=admin,o=8ka.mipt.ru ldbm_cache_open (blksize 8192) (maxids 1022) (maxindirect 9) ldbm_cache_open (blksize 8192) (maxids 1022) (maxindirect 9) send_ldap_result: err=0 matched="" text="" connection_get(9) SRCH "ou=Mail,o=8ka.mipt.ru" 2 01 5 0 filter: (mail=jeka) attrs: dn saslauthd log: saslauthd[7158] :do_auth : auth failure: [user=jeka] [service=imap] [realm=8ka.mipt.ru] [mech=ldap] [reason=Unknown] saslauthd[7158] :do_request : response: NO why in first case saslauthd get "[EMAIL PROTECTED]" and "realm=" but in second case it get "user=jeka" and "realm=8ka.mipt.ru" ? How fix this behaviour ? --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyrus-sasl / ldap problem
On Tue, 29 Oct 2002, Gregory Chagnon wrote: > Thanks Igor, that helped a little...now it looks like it's being > authenticated against the LDAP database and getting granted access. > However, when I run imtest -m login -a cliff.clavin localhost, I get this: > > [root@Lunar]:/usr/src/cyrus-sasl-2.1.9/saslauthd> imtest -m login -a > cliff.clavin localhost > S: * OK Lunar Cyrus IMAP4 v2.1.9-Invoca-RPM-2.1.9-6 server ready > C: C01 CAPABILITY > S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS > NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT > THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS LISTEXT > LIST-SUBSCRIBED ANNOTATEMORE X-NETSCAPE > S: C01 OK Completed > Please enter your password: > C: L01 LOGIN cliff.clavin {6} > S: + go ahead > C: > S: L01 NO Login failed: authentication failure > Authentication failed. generic failure > Security strength factor: 0 > Did testsaslauthd run successfully? Check syslog messages for imapd. -Igor
Re: cyrus-sasl / ldap problem
s_allowed: read access to "uid=cliff.clavin,ou=Users,dc=gregbox,dc=com" "gidNumber" requested Oct 29 15:04:09 Lunar slapd[3188]: <= root access granted Oct 29 15:04:09 Lunar slapd[3188]: => access_allowed: read access to "uid=cliff.clavin,ou=Users,dc=gregbox,dc=com" "gidNumber" requested Oct 29 15:04:09 Lunar slapd[3188]: <= root access granted Oct 29 15:04:09 Lunar slapd[3188]: => access_allowed: read access to "uid=cliff.clavin,ou=Users,dc=gregbox,dc=com" "homeDirectory" requested Oct 29 15:04:09 Lunar slapd[3188]: <= root access granted Oct 29 15:04:09 Lunar slapd[3188]: => access_allowed: read access to "uid=cliff.clavin,ou=Users,dc=gregbox,dc=com" "homeDirectory" requested Oct 29 15:04:09 Lunar slapd[3188]: <= root access granted Oct 29 15:04:09 Lunar slapd[3188]: => access_allowed: read access to "uid=cliff.clavin,ou=Users,dc=gregbox,dc=com" "loginShell" requested Oct 29 15:04:09 Lunar slapd[3188]: <= root access granted Oct 29 15:04:09 Lunar slapd[3188]: => access_allowed: read access to "uid=cliff.clavin,ou=Users,dc=gregbox,dc=com" "loginShell" requested Oct 29 15:04:09 Lunar slapd[3188]: <= root access granted Oct 29 15:04:10 Lunar slapd[3188]: => access_allowed: read access to "uid=cliff.clavin,ou=Users,dc=gregbox,dc=com" "gecos" requested Oct 29 15:04:10 Lunar slapd[3188]: <= root access granted Oct 29 15:04:10 Lunar slapd[3188]: => access_allowed: read access to "uid=cliff.clavin,ou=Users,dc=gregbox,dc=com" "gecos" requested Oct 29 15:04:10 Lunar slapd[3188]: <= root access granted Oct 29 15:04:10 Lunar slapd[3188]: => access_allowed: read access to "uid=cliff.clavin,ou=Users,dc=gregbox,dc=com" "description" requested Oct 29 15:04:10 Lunar slapd[3188]: <= root access granted Oct 29 15:04:10 Lunar slapd[3188]: => access_allowed: read access to "uid=cliff.clavin,ou=Users,dc=gregbox,dc=com" "description" requested Oct 29 15:04:10 Lunar slapd[3188]: <= root access granted Oct 29 15:04:10 Lunar slapd[3188]: => access_allowed: read access to "uid=cliff.clavin,ou=Users,dc=gregbox,dc=com" "userPassword" requested Oct 29 15:04:10 Lunar slapd[3188]: <= root access granted Oct 29 15:04:10 Lunar slapd[3188]: => access_allowed: read access to "uid=cliff.clavin,ou=Users,dc=gregbox,dc=com" "userPassword" requested Oct 29 15:04:10 Lunar slapd[3188]: <= root access granted Oct 29 15:04:10 Lunar slapd[3188]: conn=122 op=1 ENTRY dn="uid=cliff.clavin,ou=Users,dc=gregbox,dc=com" Oct 29 15:04:10 Lunar slapd[3188]: <= send_search_entry Oct 29 15:04:10 Lunar slapd[3188]: > cache_return_entry_r( 26 ): returned (0) Oct 29 15:04:10 Lunar slapd[3188]: send_ldap_search_result 0:: Oct 29 15:04:10 Lunar slapd[3188]: send_ldap_response: msgid=2 tag=101 err=0 Oct 29 15:04:10 Lunar slapd[3188]: conn=122 op=1 SEARCH RESULT tag=101 err=0 text= Oct 29 15:04:10 Lunar slapd[664]: daemon: activity on 1 descriptors Oct 29 15:04:10 Lunar slapd[664]: daemon: activity on: Oct 29 15:04:10 Lunar slapd[664]: 23r Oct 29 15:04:10 Lunar slapd[664]: Oct 29 15:04:10 Lunar slapd[664]: daemon: read activity on 23 Oct 29 15:04:10 Lunar slapd[664]: connection_get(23) Oct 29 15:04:10 Lunar slapd[664]: connection_get(23): got connid=122 Oct 29 15:04:10 Lunar slapd[664]: connection_read(23): checking for input on id=122 Oct 29 15:04:10 Lunar slapd[664]: ber_get_next on fd 23 failed errno=11 (Resource temporarily unavailable) Oct 29 15:04:10 Lunar slapd[11016]: do_bind Oct 29 15:04:10 Lunar slapd[664]: daemon: select: listen=6 active_threads=1 tvp=NULL Oct 29 15:04:10 Lunar slapd[11016]: do_bind: version=3 dn="uid=cliff.clavin,ou=Users,dc=gregbox,dc=com" method=128 Oct 29 15:04:10 Lunar slapd[11016]: conn=122 op=2 BIND dn="UID=CLIFF.CLAVIN,OU=USERS,DC=GREGBOX,DC=COM" method=128 Oct 29 15:04:10 Lunar slapd[11016]: ==> ldbm_back_bind: dn: uid=cliff.clavin,ou=Users,dc=gregbox,dc=com Oct 29 15:04:10 Lunar slapd[11016]: dn2entry_r: dn: "UID=CLIFF.CLAVIN,OU=USERS,DC=GREGBOX,DC=COM" Oct 29 15:04:10 Lunar slapd[11016]: => dn2id( "UID=CLIFF.CLAVIN,OU=USERS,DC=GREGBOX,DC=COM" ) Oct 29 15:04:10 Lunar slapd[11016]: > cache_find_entry_dn2id("UID=CLIFF.CLAVIN,OU=USERS,DC=GREGBOX,DC=COM"): 26 (1 tries) Oct 29 15:04:10 Lunar slapd[11016]: <= dn2id 26 (in cache) Oct 29 15:04:10 Lunar slapd[11016]: => id2entry_r( 26 ) Oct 29 15:04:10 Lunar slapd[11016]: > cache_find_entry_id( 26 ) "uid=cliff.clavin,ou=Users,dc=gregbox,dc=com" (found) (1 tries) Oct 29 15:04:10 Lunar slapd[11016]: <= id2entry_r( 26 ) 0x8189108 (cache) Oct 29 15:04:10 Lunar slapd[11016]: => access_allowed: auth access to "uid=cliff.clavin,ou=Users,dc=gregbox,dc=com
Re: cyrus-sasl / ldap problem
On Tue, 29 Oct 2002, Gregory Chagnon wrote: > One more thing...now when I run testsaslauthd, I get this entry in > /var/log/ldap.log: > > Oct 29 14:13:58 Lunar slapd[5790]: conn=102 op=1 SRCH base="" scope=2 > filter="(uid=greg.chagnon)" > Oct 29 14:13:58 Lunar slapd[5790]: send_ldap_result: conn=102 op=1 p=3 > Oct 29 14:13:58 Lunar slapd[5790]: send_ldap_result: 10:: > Oct 29 14:13:58 Lunar slapd[5790]: send_ldap_response: msgid=2 tag=101 > err=32 > Oct 29 14:13:58 Lunar slapd[5790]: conn=102 op=1 RESULT tag=101 err=32 text= > > Shouldn't SRCH base be set to something? In my case it would be > ou=Users,dc=gregbox,dc=com. Where is that set? You need to specify search base in saslauthd.conf: ldap_search_base: ou=Users,dc=gregbox,dc=com -Igor > -Greg > > > > > > > >From: Igor Brezac <[EMAIL PROTECTED]> > >Reply-To: [EMAIL PROTECTED] > >To: Gregory Chagnon <[EMAIL PROTECTED]> > >CC: [EMAIL PROTECTED] > >Subject: Re: cyrus-sasl / ldap problem > >Date: Tue, 29 Oct 2002 10:52:59 -0500 (EST) > > > > > >It looks like saslauthd is not running or testsaslauthd is pointing to a > >wrong socket. I am not sure where you got your rpm sources from, but I > >suggest that you get the sources from CMU and recompile: > >http://asg.web.cmu.edu/cyrus/download/ > > > >I recommend that you download cyrus-sasl from CVS: > >http://asg.web.cmu.edu/cyrus/download/anoncvs.html > > > >-Igor > > > >On Tue, 29 Oct 2002, Gregory Chagnon wrote: > > > > > Igor: > > > I get this error when I run testsaslauthd: > > > [root@Lunar]:/usr/src/cyrus-sasl-2.1.9/saslauthd> ./testsaslauthd -u > > > cliff.clavin -p * > > > connect() : No such file or directory > > > > > > > > > > > > > > > > > > > > > > > > >From: Igor Brezac <[EMAIL PROTECTED]> > > > >Reply-To: [EMAIL PROTECTED] > > > >To: Gregory Chagnon <[EMAIL PROTECTED]> > > > >CC: [EMAIL PROTECTED] > > > >Subject: Re: cyrus-sasl / ldap problem > > > >Date: Tue, 29 Oct 2002 09:22:22 -0500 (EST) > > > > > > > > > > > >Test saslauthd first. cd $cyrus-sasl-src/saslauthd; make testsaslauthd > > > >./testsaslauthd -u username -p password > > > > > > > >If you do not get OK, check syslog for saslauthd errors. > > > > > > > >-Igor > > > > > > > >On Tue, 29 Oct 2002, Gregory Chagnon wrote: > > > > > > > > > Hi:I'm having a problem getting Cyrus IMAP to work with OpenLDAP. > >User > > > > > cliff.clavin is under ou=Users,dc=gregbox,dc=com. When I run > >imtest, > > > >here > > > > > is the error I get...thanks everyone so much in advance: > > > > > > > > > > [root@Lunar]:/home/gchagnon> imtest -m login -a cliff.clavin > >localhost > > > > > S: * OK Lunar Cyrus IMAP4 v2.1.9-Invoca-RPM-2.1.9-6 server ready > > > > > C: C01 CAPABILITY > > > > > S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS > > > > > NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND > >SORT > > > > > THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS LISTEXT > > > > > LIST-SUBSCRIBED ANNOTATEMORE X-NETSCAPE > > > > > S: C01 OK Completed > > > > > Please enter your password: > > > > > C: L01 LOGIN cliff.clavin {6} > > > > > S: + go ahead > > > > > C: > > > > > S: L01 NO Login failed: generic failure > > > > > Authentication failed. generic failure > > > > > Security strength factor: 0 > > > > > C: Q01 LOGOUT > > > > > Connection closed. > > > > > > > > > > > > > > > Here is the entry from /var/log/imap.log: > > > > > > > > > > Oct 29 08:47:14 Lunar master[6197]: about to exec > > > >/usr/libexec/cyrus/imapd > > > > > Oct 29 08:47:14 Lunar imap[6197]: executed > > > > > Oct 29 08:47:14 Lunar imapd[5489]: accepted connection > > > > > Oct 29 08:47:16 Lunar imapd[5489]: badlogin: Lunar[127.0.0.1] > >plaintext > > > > > cliff.clavin SASL(-1): generic failure: checkpass failed > > > > > Oct 29 08:48:24 Lunar master[5446]: process 5489 exited, status 0 > > > > > > > > > > > > > > > Here are
Re: cyrus-sasl / ldap problem
On Tue, 29 Oct 2002, Gregory Chagnon wrote: > I got testsaslauthd to work...I had to specify the socket: > [root@Lunar]:/usr/src/cyrus-sasl-2.1.9/saslauthd> ./testsaslauthd -u > cliff.clavin -p -f /var/run/saslauthd/mux > 0: NO "authentication failed" > > Do I have to specify anywhere in Cyrus imapd where to look for this socket > as well? Yes, in imapd.conf add: sasl_saslauthd_path: /var/run/saslauthd/mux -Igor > -Greg > > > > > > > > >From: Igor Brezac <[EMAIL PROTECTED]> > >Reply-To: [EMAIL PROTECTED] > >To: Gregory Chagnon <[EMAIL PROTECTED]> > >CC: [EMAIL PROTECTED] > >Subject: Re: cyrus-sasl / ldap problem > >Date: Tue, 29 Oct 2002 10:52:59 -0500 (EST) > > > > > >It looks like saslauthd is not running or testsaslauthd is pointing to a > >wrong socket. I am not sure where you got your rpm sources from, but I > >suggest that you get the sources from CMU and recompile: > >http://asg.web.cmu.edu/cyrus/download/ > > > >I recommend that you download cyrus-sasl from CVS: > >http://asg.web.cmu.edu/cyrus/download/anoncvs.html > > > >-Igor > > > >On Tue, 29 Oct 2002, Gregory Chagnon wrote: > > > > > Igor: > > > I get this error when I run testsaslauthd: > > > [root@Lunar]:/usr/src/cyrus-sasl-2.1.9/saslauthd> ./testsaslauthd -u > > > cliff.clavin -p * > > > connect() : No such file or directory > > > > > > > > > > > > > > > > > > > > > > > > >From: Igor Brezac <[EMAIL PROTECTED]> > > > >Reply-To: [EMAIL PROTECTED] > > > >To: Gregory Chagnon <[EMAIL PROTECTED]> > > > >CC: [EMAIL PROTECTED] > > > >Subject: Re: cyrus-sasl / ldap problem > > > >Date: Tue, 29 Oct 2002 09:22:22 -0500 (EST) > > > > > > > > > > > >Test saslauthd first. cd $cyrus-sasl-src/saslauthd; make testsaslauthd > > > >./testsaslauthd -u username -p password > > > > > > > >If you do not get OK, check syslog for saslauthd errors. > > > > > > > >-Igor > > > > > > > >On Tue, 29 Oct 2002, Gregory Chagnon wrote: > > > > > > > > > Hi:I'm having a problem getting Cyrus IMAP to work with OpenLDAP. > >User > > > > > cliff.clavin is under ou=Users,dc=gregbox,dc=com. When I run > >imtest, > > > >here > > > > > is the error I get...thanks everyone so much in advance: > > > > > > > > > > [root@Lunar]:/home/gchagnon> imtest -m login -a cliff.clavin > >localhost > > > > > S: * OK Lunar Cyrus IMAP4 v2.1.9-Invoca-RPM-2.1.9-6 server ready > > > > > C: C01 CAPABILITY > > > > > S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS > > > > > NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND > >SORT > > > > > THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS LISTEXT > > > > > LIST-SUBSCRIBED ANNOTATEMORE X-NETSCAPE > > > > > S: C01 OK Completed > > > > > Please enter your password: > > > > > C: L01 LOGIN cliff.clavin {6} > > > > > S: + go ahead > > > > > C: > > > > > S: L01 NO Login failed: generic failure > > > > > Authentication failed. generic failure > > > > > Security strength factor: 0 > > > > > C: Q01 LOGOUT > > > > > Connection closed. > > > > > > > > > > > > > > > Here is the entry from /var/log/imap.log: > > > > > > > > > > Oct 29 08:47:14 Lunar master[6197]: about to exec > > > >/usr/libexec/cyrus/imapd > > > > > Oct 29 08:47:14 Lunar imap[6197]: executed > > > > > Oct 29 08:47:14 Lunar imapd[5489]: accepted connection > > > > > Oct 29 08:47:16 Lunar imapd[5489]: badlogin: Lunar[127.0.0.1] > >plaintext > > > > > cliff.clavin SASL(-1): generic failure: checkpass failed > > > > > Oct 29 08:48:24 Lunar master[5446]: process 5489 exited, status 0 > > > > > > > > > > > > > > > Here are my config files: > > > > > > > > > > <> > > > > > > > > > > configdirectory: /var/lib/imap > > > > > partition-default: /var/spool/imap > > > > > admins: cliff.clavin cyrus gchagnon > > > > > allowanonymouslogin: no > > > > > s
Re: cyrus-sasl / ldap problem
One more thing...now when I run testsaslauthd, I get this entry in /var/log/ldap.log: Oct 29 14:13:58 Lunar slapd[5790]: conn=102 op=1 SRCH base="" scope=2 filter="(uid=greg.chagnon)" Oct 29 14:13:58 Lunar slapd[5790]: send_ldap_result: conn=102 op=1 p=3 Oct 29 14:13:58 Lunar slapd[5790]: send_ldap_result: 10:: Oct 29 14:13:58 Lunar slapd[5790]: send_ldap_response: msgid=2 tag=101 err=32 Oct 29 14:13:58 Lunar slapd[5790]: conn=102 op=1 RESULT tag=101 err=32 text= Shouldn't SRCH base be set to something? In my case it would be ou=Users,dc=gregbox,dc=com. Where is that set? -Greg From: Igor Brezac <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] To: Gregory Chagnon <[EMAIL PROTECTED]> CC: [EMAIL PROTECTED] Subject: Re: cyrus-sasl / ldap problem Date: Tue, 29 Oct 2002 10:52:59 -0500 (EST) It looks like saslauthd is not running or testsaslauthd is pointing to a wrong socket. I am not sure where you got your rpm sources from, but I suggest that you get the sources from CMU and recompile: http://asg.web.cmu.edu/cyrus/download/ I recommend that you download cyrus-sasl from CVS: http://asg.web.cmu.edu/cyrus/download/anoncvs.html -Igor On Tue, 29 Oct 2002, Gregory Chagnon wrote: > Igor: > I get this error when I run testsaslauthd: > [root@Lunar]:/usr/src/cyrus-sasl-2.1.9/saslauthd> ./testsaslauthd -u > cliff.clavin -p * > connect() : No such file or directory > > > > > > > > >From: Igor Brezac <[EMAIL PROTECTED]> > >Reply-To: [EMAIL PROTECTED] > >To: Gregory Chagnon <[EMAIL PROTECTED]> > >CC: [EMAIL PROTECTED] > >Subject: Re: cyrus-sasl / ldap problem > >Date: Tue, 29 Oct 2002 09:22:22 -0500 (EST) > > > > > >Test saslauthd first. cd $cyrus-sasl-src/saslauthd; make testsaslauthd > >./testsaslauthd -u username -p password > > > >If you do not get OK, check syslog for saslauthd errors. > > > >-Igor > > > >On Tue, 29 Oct 2002, Gregory Chagnon wrote: > > > > > Hi:I'm having a problem getting Cyrus IMAP to work with OpenLDAP. User > > > cliff.clavin is under ou=Users,dc=gregbox,dc=com. When I run imtest, > >here > > > is the error I get...thanks everyone so much in advance: > > > > > > [root@Lunar]:/home/gchagnon> imtest -m login -a cliff.clavin localhost > > > S: * OK Lunar Cyrus IMAP4 v2.1.9-Invoca-RPM-2.1.9-6 server ready > > > C: C01 CAPABILITY > > > S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS > > > NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT > > > THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS LISTEXT > > > LIST-SUBSCRIBED ANNOTATEMORE X-NETSCAPE > > > S: C01 OK Completed > > > Please enter your password: > > > C: L01 LOGIN cliff.clavin {6} > > > S: + go ahead > > > C: > > > S: L01 NO Login failed: generic failure > > > Authentication failed. generic failure > > > Security strength factor: 0 > > > C: Q01 LOGOUT > > > Connection closed. > > > > > > > > > Here is the entry from /var/log/imap.log: > > > > > > Oct 29 08:47:14 Lunar master[6197]: about to exec > >/usr/libexec/cyrus/imapd > > > Oct 29 08:47:14 Lunar imap[6197]: executed > > > Oct 29 08:47:14 Lunar imapd[5489]: accepted connection > > > Oct 29 08:47:16 Lunar imapd[5489]: badlogin: Lunar[127.0.0.1] plaintext > > > cliff.clavin SASL(-1): generic failure: checkpass failed > > > Oct 29 08:48:24 Lunar master[5446]: process 5489 exited, status 0 > > > > > > > > > Here are my config files: > > > > > > <> > > > > > > configdirectory: /var/lib/imap > > > partition-default: /var/spool/imap > > > admins: cliff.clavin cyrus gchagnon > > > allowanonymouslogin: no > > > sieveuserhomedir: no > > > sievedir: /var/lib/imap/sieve > > > sendmail: /usr/sbin/sendmail > > > hashimapspool: true > > > sasl_pwcheck_method: saslauthd > > > sasl_passwd_check: saslauthd > > > sasl_ldap_server: localhost > > > #sasl_ldap_basedn: ou=Users,dc=gregbox,dc=com > > > sasl_ldap_basedn: dc=gregbox,dc=com > > > sasl_mech_list: PLAIN > > > tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem > > > tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem > > > > > > <> > > > > > > ldap_servers: ldap://localhost/ > > > ldap_bind_dn: cn=Manager,dc=gregbox,dc=com > > > ldap_bind_pw: *** > > > > > > <> >
Re: cyrus-sasl / ldap problem
I got testsaslauthd to work...I had to specify the socket: [root@Lunar]:/usr/src/cyrus-sasl-2.1.9/saslauthd> ./testsaslauthd -u cliff.clavin -p -f /var/run/saslauthd/mux 0: NO "authentication failed" Do I have to specify anywhere in Cyrus imapd where to look for this socket as well? -Greg From: Igor Brezac <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] To: Gregory Chagnon <[EMAIL PROTECTED]> CC: [EMAIL PROTECTED] Subject: Re: cyrus-sasl / ldap problem Date: Tue, 29 Oct 2002 10:52:59 -0500 (EST) It looks like saslauthd is not running or testsaslauthd is pointing to a wrong socket. I am not sure where you got your rpm sources from, but I suggest that you get the sources from CMU and recompile: http://asg.web.cmu.edu/cyrus/download/ I recommend that you download cyrus-sasl from CVS: http://asg.web.cmu.edu/cyrus/download/anoncvs.html -Igor On Tue, 29 Oct 2002, Gregory Chagnon wrote: > Igor: > I get this error when I run testsaslauthd: > [root@Lunar]:/usr/src/cyrus-sasl-2.1.9/saslauthd> ./testsaslauthd -u > cliff.clavin -p * > connect() : No such file or directory > > > > > > > > >From: Igor Brezac <[EMAIL PROTECTED]> > >Reply-To: [EMAIL PROTECTED] > >To: Gregory Chagnon <[EMAIL PROTECTED]> > >CC: [EMAIL PROTECTED] > >Subject: Re: cyrus-sasl / ldap problem > >Date: Tue, 29 Oct 2002 09:22:22 -0500 (EST) > > > > > >Test saslauthd first. cd $cyrus-sasl-src/saslauthd; make testsaslauthd > >./testsaslauthd -u username -p password > > > >If you do not get OK, check syslog for saslauthd errors. > > > >-Igor > > > >On Tue, 29 Oct 2002, Gregory Chagnon wrote: > > > > > Hi:I'm having a problem getting Cyrus IMAP to work with OpenLDAP. User > > > cliff.clavin is under ou=Users,dc=gregbox,dc=com. When I run imtest, > >here > > > is the error I get...thanks everyone so much in advance: > > > > > > [root@Lunar]:/home/gchagnon> imtest -m login -a cliff.clavin localhost > > > S: * OK Lunar Cyrus IMAP4 v2.1.9-Invoca-RPM-2.1.9-6 server ready > > > C: C01 CAPABILITY > > > S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS > > > NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT > > > THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS LISTEXT > > > LIST-SUBSCRIBED ANNOTATEMORE X-NETSCAPE > > > S: C01 OK Completed > > > Please enter your password: > > > C: L01 LOGIN cliff.clavin {6} > > > S: + go ahead > > > C: > > > S: L01 NO Login failed: generic failure > > > Authentication failed. generic failure > > > Security strength factor: 0 > > > C: Q01 LOGOUT > > > Connection closed. > > > > > > > > > Here is the entry from /var/log/imap.log: > > > > > > Oct 29 08:47:14 Lunar master[6197]: about to exec > >/usr/libexec/cyrus/imapd > > > Oct 29 08:47:14 Lunar imap[6197]: executed > > > Oct 29 08:47:14 Lunar imapd[5489]: accepted connection > > > Oct 29 08:47:16 Lunar imapd[5489]: badlogin: Lunar[127.0.0.1] plaintext > > > cliff.clavin SASL(-1): generic failure: checkpass failed > > > Oct 29 08:48:24 Lunar master[5446]: process 5489 exited, status 0 > > > > > > > > > Here are my config files: > > > > > > <> > > > > > > configdirectory: /var/lib/imap > > > partition-default: /var/spool/imap > > > admins: cliff.clavin cyrus gchagnon > > > allowanonymouslogin: no > > > sieveuserhomedir: no > > > sievedir: /var/lib/imap/sieve > > > sendmail: /usr/sbin/sendmail > > > hashimapspool: true > > > sasl_pwcheck_method: saslauthd > > > sasl_passwd_check: saslauthd > > > sasl_ldap_server: localhost > > > #sasl_ldap_basedn: ou=Users,dc=gregbox,dc=com > > > sasl_ldap_basedn: dc=gregbox,dc=com > > > sasl_mech_list: PLAIN > > > tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem > > > tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem > > > > > > <> > > > > > > ldap_servers: ldap://localhost/ > > > ldap_bind_dn: cn=Manager,dc=gregbox,dc=com > > > ldap_bind_pw: *** > > > > > > <> > > > databaseldbm > > > suffix "dc=gregbox,dc=com" > > > rootdn "cn=Manager,dc=gregbox,dc=com" > > > rootpw *** > > > directory /var/lib/ldap > > > > > > index objectClass,uid,uidNumber,gidNumber,memberUid eq > > > index cn,mail,surname,givenname eq,subinitial > > > > > > > > > > > > _ > > > Protect your PC - get McAfee.com VirusScan Online > > > http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 > > > > > > > > > >-- > >Igor > > > _ > Unlimited Internet access -- and 2 months free! Try MSN. > http://resourcecenter.msn.com/access/plans/2monthsfree.asp > > -- Igor _ Internet access plans that fit your lifestyle -- join MSN. http://resourcecenter.msn.com/access/plans/default.asp
Re: cyrus-sasl / ldap problem
[root@Lunar]:/var/log> /etc/init.d/saslauthd status saslauthd (pid 7636 7635 7634 7631 7630) is running... So it looks like saslauthd is running...I got the source RPMs from the RH 8 CD. I don't think it's a problem with saslauthd, I think it's a problem with Cyrus IMAP... -Greg From: Igor Brezac <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] To: Gregory Chagnon <[EMAIL PROTECTED]> CC: [EMAIL PROTECTED] Subject: Re: cyrus-sasl / ldap problem Date: Tue, 29 Oct 2002 10:52:59 -0500 (EST) It looks like saslauthd is not running or testsaslauthd is pointing to a wrong socket. I am not sure where you got your rpm sources from, but I suggest that you get the sources from CMU and recompile: http://asg.web.cmu.edu/cyrus/download/ I recommend that you download cyrus-sasl from CVS: http://asg.web.cmu.edu/cyrus/download/anoncvs.html -Igor On Tue, 29 Oct 2002, Gregory Chagnon wrote: > Igor: > I get this error when I run testsaslauthd: > [root@Lunar]:/usr/src/cyrus-sasl-2.1.9/saslauthd> ./testsaslauthd -u > cliff.clavin -p * > connect() : No such file or directory > > > > > > > > >From: Igor Brezac <[EMAIL PROTECTED]> > >Reply-To: [EMAIL PROTECTED] > >To: Gregory Chagnon <[EMAIL PROTECTED]> > >CC: [EMAIL PROTECTED] > >Subject: Re: cyrus-sasl / ldap problem > >Date: Tue, 29 Oct 2002 09:22:22 -0500 (EST) > > > > > >Test saslauthd first. cd $cyrus-sasl-src/saslauthd; make testsaslauthd > >./testsaslauthd -u username -p password > > > >If you do not get OK, check syslog for saslauthd errors. > > > >-Igor > > > >On Tue, 29 Oct 2002, Gregory Chagnon wrote: > > > > > Hi:I'm having a problem getting Cyrus IMAP to work with OpenLDAP. User > > > cliff.clavin is under ou=Users,dc=gregbox,dc=com. When I run imtest, > >here > > > is the error I get...thanks everyone so much in advance: > > > > > > [root@Lunar]:/home/gchagnon> imtest -m login -a cliff.clavin localhost > > > S: * OK Lunar Cyrus IMAP4 v2.1.9-Invoca-RPM-2.1.9-6 server ready > > > C: C01 CAPABILITY > > > S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS > > > NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT > > > THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS LISTEXT > > > LIST-SUBSCRIBED ANNOTATEMORE X-NETSCAPE > > > S: C01 OK Completed > > > Please enter your password: > > > C: L01 LOGIN cliff.clavin {6} > > > S: + go ahead > > > C: > > > S: L01 NO Login failed: generic failure > > > Authentication failed. generic failure > > > Security strength factor: 0 > > > C: Q01 LOGOUT > > > Connection closed. > > > > > > > > > Here is the entry from /var/log/imap.log: > > > > > > Oct 29 08:47:14 Lunar master[6197]: about to exec > >/usr/libexec/cyrus/imapd > > > Oct 29 08:47:14 Lunar imap[6197]: executed > > > Oct 29 08:47:14 Lunar imapd[5489]: accepted connection > > > Oct 29 08:47:16 Lunar imapd[5489]: badlogin: Lunar[127.0.0.1] plaintext > > > cliff.clavin SASL(-1): generic failure: checkpass failed > > > Oct 29 08:48:24 Lunar master[5446]: process 5489 exited, status 0 > > > > > > > > > Here are my config files: > > > > > > <> > > > > > > configdirectory: /var/lib/imap > > > partition-default: /var/spool/imap > > > admins: cliff.clavin cyrus gchagnon > > > allowanonymouslogin: no > > > sieveuserhomedir: no > > > sievedir: /var/lib/imap/sieve > > > sendmail: /usr/sbin/sendmail > > > hashimapspool: true > > > sasl_pwcheck_method: saslauthd > > > sasl_passwd_check: saslauthd > > > sasl_ldap_server: localhost > > > #sasl_ldap_basedn: ou=Users,dc=gregbox,dc=com > > > sasl_ldap_basedn: dc=gregbox,dc=com > > > sasl_mech_list: PLAIN > > > tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem > > > tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem > > > > > > <> > > > > > > ldap_servers: ldap://localhost/ > > > ldap_bind_dn: cn=Manager,dc=gregbox,dc=com > > > ldap_bind_pw: *** > > > > > > <> > > > databaseldbm > > > suffix "dc=gregbox,dc=com" > > > rootdn "cn=Manager,dc=gregbox,dc=com" > > > rootpw *** > > > directory /var/lib/ldap > > > > > > index objectClass,uid,uidNumber,gidNumber,memberUid eq > > > index cn,mail,surname,givenname eq,subinitial > > > > > > > > > > > > _ > > > Protect your PC - get McAfee.com VirusScan Online > > > http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 > > > > > > > > > >-- > >Igor > > > _ > Unlimited Internet access -- and 2 months free! Try MSN. > http://resourcecenter.msn.com/access/plans/2monthsfree.asp > > -- Igor _ Surf the Web without missing calls! Get MSN Broadband. http://resourcecenter.msn.com/access/plans/freeactivation.asp
Re: cyrus-sasl / ldap problem
It looks like saslauthd is not running or testsaslauthd is pointing to a wrong socket. I am not sure where you got your rpm sources from, but I suggest that you get the sources from CMU and recompile: http://asg.web.cmu.edu/cyrus/download/ I recommend that you download cyrus-sasl from CVS: http://asg.web.cmu.edu/cyrus/download/anoncvs.html -Igor On Tue, 29 Oct 2002, Gregory Chagnon wrote: > Igor: > I get this error when I run testsaslauthd: > [root@Lunar]:/usr/src/cyrus-sasl-2.1.9/saslauthd> ./testsaslauthd -u > cliff.clavin -p * > connect() : No such file or directory > > > > > > > > >From: Igor Brezac <[EMAIL PROTECTED]> > >Reply-To: [EMAIL PROTECTED] > >To: Gregory Chagnon <[EMAIL PROTECTED]> > >CC: [EMAIL PROTECTED] > >Subject: Re: cyrus-sasl / ldap problem > >Date: Tue, 29 Oct 2002 09:22:22 -0500 (EST) > > > > > >Test saslauthd first. cd $cyrus-sasl-src/saslauthd; make testsaslauthd > >./testsaslauthd -u username -p password > > > >If you do not get OK, check syslog for saslauthd errors. > > > >-Igor > > > >On Tue, 29 Oct 2002, Gregory Chagnon wrote: > > > > > Hi:I'm having a problem getting Cyrus IMAP to work with OpenLDAP. User > > > cliff.clavin is under ou=Users,dc=gregbox,dc=com. When I run imtest, > >here > > > is the error I get...thanks everyone so much in advance: > > > > > > [root@Lunar]:/home/gchagnon> imtest -m login -a cliff.clavin localhost > > > S: * OK Lunar Cyrus IMAP4 v2.1.9-Invoca-RPM-2.1.9-6 server ready > > > C: C01 CAPABILITY > > > S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS > > > NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT > > > THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS LISTEXT > > > LIST-SUBSCRIBED ANNOTATEMORE X-NETSCAPE > > > S: C01 OK Completed > > > Please enter your password: > > > C: L01 LOGIN cliff.clavin {6} > > > S: + go ahead > > > C: > > > S: L01 NO Login failed: generic failure > > > Authentication failed. generic failure > > > Security strength factor: 0 > > > C: Q01 LOGOUT > > > Connection closed. > > > > > > > > > Here is the entry from /var/log/imap.log: > > > > > > Oct 29 08:47:14 Lunar master[6197]: about to exec > >/usr/libexec/cyrus/imapd > > > Oct 29 08:47:14 Lunar imap[6197]: executed > > > Oct 29 08:47:14 Lunar imapd[5489]: accepted connection > > > Oct 29 08:47:16 Lunar imapd[5489]: badlogin: Lunar[127.0.0.1] plaintext > > > cliff.clavin SASL(-1): generic failure: checkpass failed > > > Oct 29 08:48:24 Lunar master[5446]: process 5489 exited, status 0 > > > > > > > > > Here are my config files: > > > > > > <> > > > > > > configdirectory: /var/lib/imap > > > partition-default: /var/spool/imap > > > admins: cliff.clavin cyrus gchagnon > > > allowanonymouslogin: no > > > sieveuserhomedir: no > > > sievedir: /var/lib/imap/sieve > > > sendmail: /usr/sbin/sendmail > > > hashimapspool: true > > > sasl_pwcheck_method: saslauthd > > > sasl_passwd_check: saslauthd > > > sasl_ldap_server: localhost > > > #sasl_ldap_basedn: ou=Users,dc=gregbox,dc=com > > > sasl_ldap_basedn: dc=gregbox,dc=com > > > sasl_mech_list: PLAIN > > > tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem > > > tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem > > > > > > <> > > > > > > ldap_servers: ldap://localhost/ > > > ldap_bind_dn: cn=Manager,dc=gregbox,dc=com > > > ldap_bind_pw: *** > > > > > > <> > > > databaseldbm > > > suffix "dc=gregbox,dc=com" > > > rootdn "cn=Manager,dc=gregbox,dc=com" > > > rootpw *** > > > directory /var/lib/ldap > > > > > > index objectClass,uid,uidNumber,gidNumber,memberUid eq > > > index cn,mail,surname,givenname eq,subinitial > > > > > > > > > > > > _ > > > Protect your PC - get McAfee.com VirusScan Online > > > http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 > > > > > > > > > >-- > >Igor > > > _ > Unlimited Internet access -- and 2 months free! Try MSN. > http://resourcecenter.msn.com/access/plans/2monthsfree.asp > > -- Igor
Re: cyrus-sasl / ldap problem
For me it work fine : try saslauthd.conf : ldap_servers: ldap://localhost:389 ldap_search_base: dc=gregbox,dc=com ldap_scope: sub Start sasl with specifie saslauthd.conf and mech: /usr/local/sasl/sbin/saslauthd -a ldap -O your_location/saslauthd.conf in my imapd.conf i have only (for sasl) sasl_pwcheck_method: saslauthd A 09:32 29/10/2002 -0500, vous avez écrit : One thing I left out, here is an entry from /var/log/auth.log which is entered everytime I try imtest: Oct 29 09:31:37 Lunar imapd[5495]: cannot connect to saslauthd server: No such file or directory From: "Gregory Chagnon" <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: cyrus-sasl / ldap problem Date: Tue, 29 Oct 2002 08:52:40 -0500 Hi:I'm having a problem getting Cyrus IMAP to work with OpenLDAP. User cliff.clavin is under ou=Users,dc=gregbox,dc=com. When I run imtest, here is the error I get...thanks everyone so much in advance: [root@Lunar]:/home/gchagnon> imtest -m login -a cliff.clavin localhost S: * OK Lunar Cyrus IMAP4 v2.1.9-Invoca-RPM-2.1.9-6 server ready C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS LISTEXT LIST-SUBSCRIBED ANNOTATEMORE X-NETSCAPE S: C01 OK Completed Please enter your password: C: L01 LOGIN cliff.clavin {6} S: + go ahead C: S: L01 NO Login failed: generic failure Authentication failed. generic failure Security strength factor: 0 C: Q01 LOGOUT Connection closed. Here is the entry from /var/log/imap.log: Oct 29 08:47:14 Lunar master[6197]: about to exec /usr/libexec/cyrus/imapd Oct 29 08:47:14 Lunar imap[6197]: executed Oct 29 08:47:14 Lunar imapd[5489]: accepted connection Oct 29 08:47:16 Lunar imapd[5489]: badlogin: Lunar[127.0.0.1] plaintext cliff.clavin SASL(-1): generic failure: checkpass failed Oct 29 08:48:24 Lunar master[5446]: process 5489 exited, status 0 Here are my config files: <> configdirectory: /var/lib/imap partition-default: /var/spool/imap admins: cliff.clavin cyrus gchagnon allowanonymouslogin: no sieveuserhomedir: no sievedir: /var/lib/imap/sieve sendmail: /usr/sbin/sendmail hashimapspool: true sasl_pwcheck_method: saslauthd sasl_passwd_check: saslauthd sasl_ldap_server: localhost #sasl_ldap_basedn: ou=Users,dc=gregbox,dc=com sasl_ldap_basedn: dc=gregbox,dc=com sasl_mech_list: PLAIN tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem <> ldap_servers: ldap://localhost/ ldap_bind_dn: cn=Manager,dc=gregbox,dc=com ldap_bind_pw: *** <> database ldbm suffix "dc=gregbox,dc=com" rootdn "cn=Manager,dc=gregbox,dc=com" rootpw *** directory /var/lib/ldap index objectClass,uid,uidNumber,gidNumber,memberUid eq index cn,mail,surname,givenname eq,subinitial _ Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 _ Choose an Internet access plan right for you -- try MSN! http://resourcecenter.msn.com/access/plans/default.asp -- Julien Marchal -- Email : [EMAIL PROTECTED] Université NANCY 2 - C.R.I. 13, Rue Michel Ney CO 75 - 54037 Nancy Cédex
Re: cyrus-sasl / ldap problem
Igor: I get this error when I run testsaslauthd: [root@Lunar]:/usr/src/cyrus-sasl-2.1.9/saslauthd> ./testsaslauthd -u cliff.clavin -p * connect() : No such file or directory From: Igor Brezac <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] To: Gregory Chagnon <[EMAIL PROTECTED]> CC: [EMAIL PROTECTED] Subject: Re: cyrus-sasl / ldap problem Date: Tue, 29 Oct 2002 09:22:22 -0500 (EST) Test saslauthd first. cd $cyrus-sasl-src/saslauthd; make testsaslauthd ./testsaslauthd -u username -p password If you do not get OK, check syslog for saslauthd errors. -Igor On Tue, 29 Oct 2002, Gregory Chagnon wrote: > Hi:I'm having a problem getting Cyrus IMAP to work with OpenLDAP. User > cliff.clavin is under ou=Users,dc=gregbox,dc=com. When I run imtest, here > is the error I get...thanks everyone so much in advance: > > [root@Lunar]:/home/gchagnon> imtest -m login -a cliff.clavin localhost > S: * OK Lunar Cyrus IMAP4 v2.1.9-Invoca-RPM-2.1.9-6 server ready > C: C01 CAPABILITY > S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS > NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT > THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS LISTEXT > LIST-SUBSCRIBED ANNOTATEMORE X-NETSCAPE > S: C01 OK Completed > Please enter your password: > C: L01 LOGIN cliff.clavin {6} > S: + go ahead > C: > S: L01 NO Login failed: generic failure > Authentication failed. generic failure > Security strength factor: 0 > C: Q01 LOGOUT > Connection closed. > > > Here is the entry from /var/log/imap.log: > > Oct 29 08:47:14 Lunar master[6197]: about to exec /usr/libexec/cyrus/imapd > Oct 29 08:47:14 Lunar imap[6197]: executed > Oct 29 08:47:14 Lunar imapd[5489]: accepted connection > Oct 29 08:47:16 Lunar imapd[5489]: badlogin: Lunar[127.0.0.1] plaintext > cliff.clavin SASL(-1): generic failure: checkpass failed > Oct 29 08:48:24 Lunar master[5446]: process 5489 exited, status 0 > > > Here are my config files: > > <> > > configdirectory: /var/lib/imap > partition-default: /var/spool/imap > admins: cliff.clavin cyrus gchagnon > allowanonymouslogin: no > sieveuserhomedir: no > sievedir: /var/lib/imap/sieve > sendmail: /usr/sbin/sendmail > hashimapspool: true > sasl_pwcheck_method: saslauthd > sasl_passwd_check: saslauthd > sasl_ldap_server: localhost > #sasl_ldap_basedn: ou=Users,dc=gregbox,dc=com > sasl_ldap_basedn: dc=gregbox,dc=com > sasl_mech_list: PLAIN > tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem > tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem > > <> > > ldap_servers: ldap://localhost/ > ldap_bind_dn: cn=Manager,dc=gregbox,dc=com > ldap_bind_pw: *** > > <> > databaseldbm > suffix "dc=gregbox,dc=com" > rootdn "cn=Manager,dc=gregbox,dc=com" > rootpw *** > directory /var/lib/ldap > > index objectClass,uid,uidNumber,gidNumber,memberUid eq > index cn,mail,surname,givenname eq,subinitial > > > > _ > Protect your PC - get McAfee.com VirusScan Online > http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 > > -- Igor _ Unlimited Internet access -- and 2 months free! Try MSN. http://resourcecenter.msn.com/access/plans/2monthsfree.asp
Re: cyrus-sasl / ldap problem
One thing I left out, here is an entry from /var/log/auth.log which is entered everytime I try imtest: Oct 29 09:31:37 Lunar imapd[5495]: cannot connect to saslauthd server: No such file or directory From: "Gregory Chagnon" <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: cyrus-sasl / ldap problem Date: Tue, 29 Oct 2002 08:52:40 -0500 Hi:I'm having a problem getting Cyrus IMAP to work with OpenLDAP. User cliff.clavin is under ou=Users,dc=gregbox,dc=com. When I run imtest, here is the error I get...thanks everyone so much in advance: [root@Lunar]:/home/gchagnon> imtest -m login -a cliff.clavin localhost S: * OK Lunar Cyrus IMAP4 v2.1.9-Invoca-RPM-2.1.9-6 server ready C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS LISTEXT LIST-SUBSCRIBED ANNOTATEMORE X-NETSCAPE S: C01 OK Completed Please enter your password: C: L01 LOGIN cliff.clavin {6} S: + go ahead C: S: L01 NO Login failed: generic failure Authentication failed. generic failure Security strength factor: 0 C: Q01 LOGOUT Connection closed. Here is the entry from /var/log/imap.log: Oct 29 08:47:14 Lunar master[6197]: about to exec /usr/libexec/cyrus/imapd Oct 29 08:47:14 Lunar imap[6197]: executed Oct 29 08:47:14 Lunar imapd[5489]: accepted connection Oct 29 08:47:16 Lunar imapd[5489]: badlogin: Lunar[127.0.0.1] plaintext cliff.clavin SASL(-1): generic failure: checkpass failed Oct 29 08:48:24 Lunar master[5446]: process 5489 exited, status 0 Here are my config files: <> configdirectory: /var/lib/imap partition-default: /var/spool/imap admins: cliff.clavin cyrus gchagnon allowanonymouslogin: no sieveuserhomedir: no sievedir: /var/lib/imap/sieve sendmail: /usr/sbin/sendmail hashimapspool: true sasl_pwcheck_method: saslauthd sasl_passwd_check: saslauthd sasl_ldap_server: localhost #sasl_ldap_basedn: ou=Users,dc=gregbox,dc=com sasl_ldap_basedn: dc=gregbox,dc=com sasl_mech_list: PLAIN tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem <> ldap_servers: ldap://localhost/ ldap_bind_dn: cn=Manager,dc=gregbox,dc=com ldap_bind_pw: *** <> databaseldbm suffix "dc=gregbox,dc=com" rootdn "cn=Manager,dc=gregbox,dc=com" rootpw *** directory /var/lib/ldap index objectClass,uid,uidNumber,gidNumber,memberUid eq index cn,mail,surname,givenname eq,subinitial _ Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 _ Choose an Internet access plan right for you -- try MSN! http://resourcecenter.msn.com/access/plans/default.asp
Re: cyrus-sasl / ldap problem
Test saslauthd first. cd $cyrus-sasl-src/saslauthd; make testsaslauthd ./testsaslauthd -u username -p password If you do not get OK, check syslog for saslauthd errors. -Igor On Tue, 29 Oct 2002, Gregory Chagnon wrote: > Hi:I'm having a problem getting Cyrus IMAP to work with OpenLDAP. User > cliff.clavin is under ou=Users,dc=gregbox,dc=com. When I run imtest, here > is the error I get...thanks everyone so much in advance: > > [root@Lunar]:/home/gchagnon> imtest -m login -a cliff.clavin localhost > S: * OK Lunar Cyrus IMAP4 v2.1.9-Invoca-RPM-2.1.9-6 server ready > C: C01 CAPABILITY > S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS > NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT > THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS LISTEXT > LIST-SUBSCRIBED ANNOTATEMORE X-NETSCAPE > S: C01 OK Completed > Please enter your password: > C: L01 LOGIN cliff.clavin {6} > S: + go ahead > C: > S: L01 NO Login failed: generic failure > Authentication failed. generic failure > Security strength factor: 0 > C: Q01 LOGOUT > Connection closed. > > > Here is the entry from /var/log/imap.log: > > Oct 29 08:47:14 Lunar master[6197]: about to exec /usr/libexec/cyrus/imapd > Oct 29 08:47:14 Lunar imap[6197]: executed > Oct 29 08:47:14 Lunar imapd[5489]: accepted connection > Oct 29 08:47:16 Lunar imapd[5489]: badlogin: Lunar[127.0.0.1] plaintext > cliff.clavin SASL(-1): generic failure: checkpass failed > Oct 29 08:48:24 Lunar master[5446]: process 5489 exited, status 0 > > > Here are my config files: > > <> > > configdirectory: /var/lib/imap > partition-default: /var/spool/imap > admins: cliff.clavin cyrus gchagnon > allowanonymouslogin: no > sieveuserhomedir: no > sievedir: /var/lib/imap/sieve > sendmail: /usr/sbin/sendmail > hashimapspool: true > sasl_pwcheck_method: saslauthd > sasl_passwd_check: saslauthd > sasl_ldap_server: localhost > #sasl_ldap_basedn: ou=Users,dc=gregbox,dc=com > sasl_ldap_basedn: dc=gregbox,dc=com > sasl_mech_list: PLAIN > tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem > tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem > > <> > > ldap_servers: ldap://localhost/ > ldap_bind_dn: cn=Manager,dc=gregbox,dc=com > ldap_bind_pw: *** > > <> > databaseldbm > suffix "dc=gregbox,dc=com" > rootdn "cn=Manager,dc=gregbox,dc=com" > rootpw *** > directory /var/lib/ldap > > index objectClass,uid,uidNumber,gidNumber,memberUid eq > index cn,mail,surname,givenname eq,subinitial > > > > _ > Protect your PC - get McAfee.com VirusScan Online > http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 > > -- Igor
cyrus-sasl / ldap problem
Hi:I'm having a problem getting Cyrus IMAP to work with OpenLDAP. User cliff.clavin is under ou=Users,dc=gregbox,dc=com. When I run imtest, here is the error I get...thanks everyone so much in advance: [root@Lunar]:/home/gchagnon> imtest -m login -a cliff.clavin localhost S: * OK Lunar Cyrus IMAP4 v2.1.9-Invoca-RPM-2.1.9-6 server ready C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS LISTEXT LIST-SUBSCRIBED ANNOTATEMORE X-NETSCAPE S: C01 OK Completed Please enter your password: C: L01 LOGIN cliff.clavin {6} S: + go ahead C: S: L01 NO Login failed: generic failure Authentication failed. generic failure Security strength factor: 0 C: Q01 LOGOUT Connection closed. Here is the entry from /var/log/imap.log: Oct 29 08:47:14 Lunar master[6197]: about to exec /usr/libexec/cyrus/imapd Oct 29 08:47:14 Lunar imap[6197]: executed Oct 29 08:47:14 Lunar imapd[5489]: accepted connection Oct 29 08:47:16 Lunar imapd[5489]: badlogin: Lunar[127.0.0.1] plaintext cliff.clavin SASL(-1): generic failure: checkpass failed Oct 29 08:48:24 Lunar master[5446]: process 5489 exited, status 0 Here are my config files: <> configdirectory: /var/lib/imap partition-default: /var/spool/imap admins: cliff.clavin cyrus gchagnon allowanonymouslogin: no sieveuserhomedir: no sievedir: /var/lib/imap/sieve sendmail: /usr/sbin/sendmail hashimapspool: true sasl_pwcheck_method: saslauthd sasl_passwd_check: saslauthd sasl_ldap_server: localhost #sasl_ldap_basedn: ou=Users,dc=gregbox,dc=com sasl_ldap_basedn: dc=gregbox,dc=com sasl_mech_list: PLAIN tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem <> ldap_servers: ldap://localhost/ ldap_bind_dn: cn=Manager,dc=gregbox,dc=com ldap_bind_pw: *** <> databaseldbm suffix "dc=gregbox,dc=com" rootdn "cn=Manager,dc=gregbox,dc=com" rootpw *** directory /var/lib/ldap index objectClass,uid,uidNumber,gidNumber,memberUid eq index cn,mail,surname,givenname eq,subinitial _ Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963