On Thu, 09 Aug 2001, [EMAIL PROTECTED] spewed into the ether:
> PAM only needs root access if it's authenticating off /etc/shadow. Few
Fine.
> medium-to-large scale operations today distribute passwords via NIS to
> shadow files. Most, like mine, use LDAP, and you can authenticate off
> an LD
Hey Jeremy,
Thursday, August 09, 2001, 1:14:51 AM, you wrote:
JH> Kevin J. Menard, Jr. wrote:
>> I still say add all this to SASL. That's what it's there for anyway, so
JH> you
>> don't need to hack imapd.c or pop3d.c everytime you want to add a new auth
>> method. What I would like to see, i
Kevin J. Menard, Jr. wrote:
> I still say add all this to SASL. That's what it's there for anyway, so
you
> don't need to hack imapd.c or pop3d.c everytime you want to add a new auth
> method. What I would like to see, is a way to dynamically add auth
methods
> to SASL.
>
You mean like pwcheck,
[EMAIL PROTECTED] wrote:
>
> Sorry to keep this painful thread happening.. am keen to get cyrus imap
tis all
> ...
>
> The next problem I got to is it (sieve I think) wanted to find
bison.simple in
> /usr/local/share but it was in /usr/lib. So I make a symbolink
/usr/local/share
> to /usr/lib - i
Sorry to keep this painful thread happening.. am keen to get cyrus imap tis all
...
The next problem I got to is it (sieve I think) wanted to find bison.simple in
/usr/local/share but it was in /usr/lib. So I make a symbolink /usr/local/share
to /usr/lib - is this a bad idea?
Anyway, it got fu
- Original Message -
From: <[EMAIL PROTECTED]>
>Interesting that your one problem is different from Lawrence
Greenfeld's.
>
>PAM only needs root access if it's authenticating off /etc/shadow. Few
>medium-to-large scale operations today distribute passwords via NIS to
>shadow files. Most,
> > What do you mean by "network authentication"? If you mean a ticket
> > system so that users need only authenticte themselves once, it most
> > certainly does, via Kerberos.
>
> I'm starting to think you have never written a PAM module yourself.
> You _cannot_ do Kerberos authentication using P
> > What exactly is the problem under consideration that
> > (given the appropriate modules) PAM doesn't solve?
>
> Just one, IMHO. PAM needs root access.
Interesting that your one problem is different from Lawrence
Greenfeld's.
PAM only needs root access if it's authenticating off /etc/shadow
> Grab SASL v1.5.27 from ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/BETA/
> (or better yet grab the latest CVS) and use saslauthd.
Thanks for the pointer! I'll try this out tonight.
> BTW, I noticed an LDAP pwcheck daemon here:
> http://www.linc-dev.com/auth.html
I looked at this daemon (pwcheck_ldap). It does not do secure (ssl)
ldap. Therefore it is useless to me.
Doing ldap-ssl is not entirely trivial. Much better to make use of
pam_ldap rather than reproducing all
Guillaume,
I wrote a perl script that uses Mail::IMAPClient to transfer mailboxes
entirely via IMAP, as I had the same problems you had with imapcp. I
have used it successfully to migrate mailboxes from the Sun Internet
Messaging Server to Cyrus, but your mileage may vary. I also had to
debug
Hi,
I've never setup or configured any internet mail package before, so I'm
hoping I'm missing something simple.
I've followed the install.html and looked at the cyrus how-to, and
searched the mailinglist archive but I don't see what I'm doing wrong.
I have berkley db 3.2 installed, sasl 1.5.
I use this perl program with Ldap to manage the system. Adapt it to suit
your system.
It uses flags to know the account's state :
1 : account to create
2 : account to deactivate
3 : account to delete
4 : account to reactivate
See below for more details.
No quota management. To add it should be
If your cyrus-imap server is exposed to the world then I doubt
if such a restriction is possible. However, if you allow mail
access to the server via some external interfaces (for example,
http interface via Imp), then you can restrict the ip addressess
that can access to it for imap services via
bash-2.05# postconf -n
command_directory = /usr/local/sbin
daemon_directory = /usr/local/libexec/postfix
debug_peer_level = 2
default_privs = nobody
mail_owner = postfix
mail_spool_directory = /var/mail
queue_directory = /var/spool/postfix
/etc/postfix/main.cf:
queue_directory = /usr/var/spool/p
> On Wed, 8 Aug 2001 16:37:34 +0200,
> Björn Törnqvist <[EMAIL PROTECTED]> (bt) writes:
bt> Hi, I have postfix -> cyris-imap setup on the same computer.
bt> When I mail a user on the host (echo hello | mail bt) postfix displays this in
it's log:
bt> Aug 8 16:28:40 managerzone postfix/q
See http://www.oreilly.com/catalog/mimap/chapter/ch09.html#92594
for the possibilities
Scripts are avaliable at
http://examples.oreilly.com/mimap/examples.tar.gz
They only work with older version of cyradm (tcl version)
To use them, compile an old version of cyrus imap (1.6) and use the tcl
cyrad
David Wright wrote:
>
> Please educate me, I do not understand.
>
> > Please use pwcheck. Your problems will go away.
>
> The pwcheck distributed with cyrus-sasl is not useful to me. My users
> are not in /etc/passwd -- they are ONLY in an LDAP database. Even a
> pwcheck daemon that uses LD
Hi, I have postfix -> cyris-imap setup on the
same computer.
When I mail a user on the host (echo hello | mail
bt) postfix displays this in it's log:
Aug 8 16:28:40 managerzone
postfix/qmgr[71481]: 5C06D9B11: from=<[EMAIL PROTECTED]>,
size=786, nrcpt=1 (queue active)Aug 8 16:28:40 manage
Hi !
How can I transfer some IMAP-boxes from my wu-imapd system to
cyrus-imapd ?
I have found a nice tool for this - but it doesn´t work ...
... it crashes mostly while transfering
http://freshmeat.net/redir/imapcp/14762/url_homepage/
Is there a better possibility available ?
Regards
Ma
> On Wed, 08 Aug 2001 02:11:28 -0700,
> David Wright <[EMAIL PROTECTED]> (dw) writes:
dw> The pwcheck distributed with cyrus-sasl is not useful to me. My
dw> users are not in /etc/passwd -- they are ONLY in an LDAP
Configure your name switch so that getpwnam/getspnam lookups go out
throu
Hey Marc,
Wednesday, August 08, 2001, 10:02:26 AM, you wrote:
MS> Hi !
>> cyradm. It just sends IMAP commands though. View the source (either the
>> perl source of cyradm or imap/imapd.c)
MS> I know cyradm - but I don´t know how to make automated procedures
MS> How can I do this ?
M
Just a quick question, is there a program or perl script or something that I
can allow my users to change their password in the sasldb with out giveing
them cyrus user account and walking them thru, since some are a lil paranoid
at me setting it :)
Christopher Riordan
http://www.hal-9000.net
On Wed, 08 Aug 2001, Kevin J. Menard, Jr. spewed into the ether:
> Ok, so you did get it. Like I said, mostly just a port of the SASL patch
> over, and it worked fine for me. Btw, I'll be releasing a newer version of
> the SASL LDAP patch later today. Fixes a free() issue and removes the
> def
Hey Andrew,
Wednesday, August 08, 2001, 4:21:10 AM, you wrote:
AK> hi all.
AK>I have trouble after running CYRADM . There are :
AK>#cyradm 127.0.0.1
AK>Please enter your password: ***
AK>IMAP password: at
/usr/local/lib/perl5/site_perl/5.005/i386-freebsd/Cyrus/IMAP/Admin.p
Hi !
> cyradm. It just sends IMAP commands though. View the source (either the
> perl source of cyradm or imap/imapd.c)
I know cyradm - but I don´t know how to make automated procedures
How can I do this ?
Regards
Marc Schöchlin
Hey Marc,
Wednesday, August 08, 2001, 9:46:01 AM, you wrote:
MS> Hi there !
MS> Where can I get some commandline-tools for setting up new mailboxes,
MS> deleteing mailboxes, setting quotas ?
MS> I would like to inlclude that in a automated
MS> user-management :-)
MS> Regards
MS> Marc Schöc
On Wed, 08 Aug 2001, [EMAIL PROTECTED] spewed into the ether:
> I must mention, though, that it's only used to validate plain text
> passwords. Encrypted passwords are still stored in sasldb, a local
> database, and so cannot be networked. I hope that future versions
> of SASL will overcome thi
Hey Devdas,
Wednesday, August 08, 2001, 6:05:19 AM, you wrote:
DB> On Wed, 08 Aug 2001, David Wright spewed into the ether:
DB>
>> What exactly is the problem under consideration that (given the appropriate
>> modules) PAM doesn't solve?
DB> Just one, IMHO. PAM needs root access. Not what I
Hi there !
Where can I get some commandline-tools for setting up new mailboxes,
deleteing mailboxes, setting quotas ?
I would like to inlclude that in a automated
user-management :-)
Regards
Marc Schöchlin
David Wright writes:
>
>The pwcheck distributed with cyrus-sasl is not useful to me. My users
>are not in /etc/passwd -- they are ONLY in an LDAP database. Even a
>pwcheck daemon that uses LDAP is only useful to me it does LDAP-SSL
>-- I need password traffic encyrpted over the network. pam_ld
On Wed, 08 Aug 2001, Marco Colombo spewed into the ether:
> And BTW, why don't you remove SASL from OpenLDAP, instead? You're just
> asking CMU people to remove SASL from their Cyrus IMAPD so that
> OpenLDAP 2 can use it to implement the encrypted connection (to the
> LDAP server) you need. Ask t
Hello,
I am wondering what is the simplest way to restrict admin access
(both via cyradm and directly via IMAP) to just connections from
certain specified hosts. As an example, how can I prevent the admin
user ("cyradmin", say) authenticating successfully if they are not
connecting from a ce
> > Please use pwcheck. Your problems will go away.
>
> The pwcheck distributed with cyrus-sasl is not useful to me. My users
> are not in /etc/passwd -- they are ONLY in an LDAP database. Even a
> pwcheck daemon that uses LDAP is only useful to me it does LDAP-SSL
> -- I need password traffic
On Wed, Aug 08, 2001 at 02:11:28AM -0700, David Wright wrote:
> What do you mean by "network authentication"? If you mean a ticket
> system so that users need only authenticte themselves once, it most
> certainly does, via Kerberos.
I'm starting to think you have never written a PAM module you
On Wed, 08 Aug 2001, David Wright spewed into the ether:
> What exactly is the problem under consideration that (given the appropriate
> modules) PAM doesn't solve?
Just one, IMHO. PAM needs root access. Not what I like. cyrus runs as a
non root user. Kevin Menard has sent me a patch which will
On Wed, 8 Aug 2001, David Wright wrote:
>
> First off, thanks to you, Lawrence, and the many others who helped
> clarify why OpenLDAP 2.0.x + pam_ldap + cyrus-imaps-2.0.x won't play
> together out-of-the-box. For those just tuning in to this thread, it's
> because the SASL routines are (1) used b
Yes, I use rpms I made a few months ago.
If you want to know what were exactly my compilation options, just go to
ftp.babelobjects.org/SRPMS and take the openldap and cyrus SRPMS.
I use the usual libs + the one with the rpms I installed of course.
And I didn't say RH was the best unix of the uni
Jean-Christophe Kermagoret wrote:
> I have a system RH 6.2 running for about one year with :
> * cyrus-2.0.6
> * pam_ldap-0.65
> * openldap-2.0.7
> * libsasl-1.5.24
>
> Works very fine. No problem at all.
>
> I installed a few days ago a new cyrus server on RH 6.2 with :
> * cyrus-2.0.12
> *
I have a system RH 6.2 running for about one year with :
* cyrus-2.0.6
* pam_ldap-0.65
* openldap-2.0.7
* libsasl-1.5.24
Works very fine. No problem at all.
I installed a few days ago a new cyrus server on RH 6.2 with :
* cyrus-2.0.12
* pam-0.65
*openldap-2.0.11
* libsasl-1.5.24
Works very fine
Date: Wed, 08 Aug 2001 02:11:28 -0700
From: David Wright <[EMAIL PROTECTED]>
Cc: info-cyrus <[EMAIL PROTECTED]>
Please educate me, I do not understand.
> Please use pwcheck. Your problems will go away.
The pwcheck distributed with cyrus-sasl is not useful to me. My users
Please educate me, I do not understand.
> Please use pwcheck. Your problems will go away.
The pwcheck distributed with cyrus-sasl is not useful to me. My users
are not in /etc/passwd -- they are ONLY in an LDAP database. Even a
pwcheck daemon that uses LDAP is only useful to me it does LDAP
Date: Wed, 08 Aug 2001 00:59:17 -0700
From: David Wright <[EMAIL PROTECTED]>
I think for most applications PAM is a much better alternative. It is
inherently simpler. It can support ticket systems by using Kerberos. It
can support access restrictions based on time-of-day, IP-addr
Okay, I finally put the patch on a web server.
You will find a SASL patch under
http://www.matuschek.net/software/sasl-patch
This patch contains support for PostgreSQL, LDAP, BerkeleyDB and
a special authentification server.
Look in the README file, you don't have to compile everything
but onl
hi all.
I have trouble after running CYRADM . There are :
#cyradm 127.0.0.1
Please enter your password: ***
IMAP password: at
/usr/local/lib/perl5/site_perl/5.005/i386-freebsd/Cyrus/IMAP/Admin.pm line 78
server: 127.0.0.1: can not authenticate
where is problem ?
-
Hi!
Yesterday, I delete a Mailbox (not user.*). This mailbox had set a quota
and after I create a new box with the same name the quota was back.
Is this ok?
Today a remove the quota-entry manual from the quotafile, but it was not
a solution.
Can anybody help me and say what is my problem. I use C
First off, thanks to you, Lawrence, and the many others who helped
clarify why OpenLDAP 2.0.x + pam_ldap + cyrus-imaps-2.0.x won't play
together out-of-the-box. For those just tuning in to this thread, it's
because the SASL routines are (1) used both by cyrus-imapd and OpenLDAP
and (2) not re
Hello,
As I was working on cyrus-imapd 2.0.16 RPMs, I've found the " signaled to death by 11".
I was trying to use cyrys-imapd with pam authentification using OpenLDAP (cyrus-imap v
2.0.16,
sasl 1.5.24,
pam-0.75-6mdk,pam_ldap-120-1mdk, openldap-2.0.11-6mdk, libdb3.2-3.2.9-1mdk )
I have a previo
48 matches
Mail list logo
