Hello there. From what I can see, you didn't correctly configure the
authldaprc. You must keep in mind there are two methods of
authenticating against LDAP:
1. Courier (or other app) retrieves clear text pwd, and checks it
matches (cannot be used with LDAP+Kerberos)
2. Courier (or other app) tries to bind with the clear text pwd to the
LDAP server, which will itself check the pwd, by a method depending on
how it was configured.
My guess is that you use method nr.1 (courier comes out-of-the-box with
that), and you need to change to 2. Read the authldaprc comments some
more, and if you cannot manage, I'll try to explain some more.
Regards,
Iustin Pop
On Wed, 2002-05-01 at 21:13, John Green wrote:
> Thanks Aly, that's good advice, but I would prefer to keep the
> authentication funnel running through LDAP to Kerberos, mainly as the LDAP
> directory will eventually also be responsible for authentication for other
> daemons (Samba, etc). I'm trying to keep it simple (by making it more
> complicated?). But that is a good last resort or temporary fix till I can
> figure out a way. I have a sales dept who really wants shared calendaring
> NOW. Ouch.
>
> > -----Original Message-----
> > From: Aly Dharshi [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, May 01, 2002 10:13 AM
> > To: John Green
> > Cc: [EMAIL PROTECTED]
> > Subject: Re: [courier-users] IMAP: LDAP authentication
> >
> >
> > Hi There,
> >
> > I hope that you are well, wouldn't it be simpler to use
> > the Kerb PAM
> > modules instead of LDAP to Kerb as Kerb is your
> > authentication system anyhow
> > ?
> >
> > If you are on a RH 7.2 box there are PAM libs for krb5 so
> > you could use
> > that via PAM authentication to authenticate right ? Unless
> > you have a very
> > particular setup.
> >
> > Cheers,
> >
> > Aly.
> >
> >
> > ------------------
> > Aly Dharshi
> > System Administrator ORS
> > aly.dharshi at uleth.ca
> > aly.dharshi at cs.uleth.ca
> >
> > Got *nix ? *nix the better alternative to Winblows
> >
> >
> > ----- Original Message -----
> > From: "John Green" <[EMAIL PROTECTED]>
> > To: "Courier-Users (E-mail)" <[EMAIL PROTECTED]>
> > Sent: Wednesday, May 01, 2002 10:35 AM
> > Subject: [courier-users] IMAP: LDAP authentication
> >
> >
> > > I'm having some difficulty getting Courier-IMAP to run with
> > Qmail/LDAP. I
> > am
> > > trying to authenticate to an LDAP directory, which
> > authenticates passwords
> > > from a Kerberos V5 server. I have installed Courier-IMAP, and it is
> > > running, listening on port 143, etc, but when I try to log
> > in via an IMAP
> > > client my logins fail. I tried running a telnet session to port 143
> > locally
> > > and using "a1 login username password", and the login failed. I can
> > browse
> > > the LDAP tree with the courier uid I set up, and it reflects all the
> > access
> > > I have given that uid. Qmail was authenticating fine to
> > LDAP before I
> > > installed Courier, and I can still send mail from an IMAP client.
> > > The main sources of info I have are Dave Sill's Qmail handbook, this
> > > website:
> http://www.cerritoslug.org/tutorials/qmail-ldap/installing.html
> and
> > the courier home page.
> >
> > Can anyone direct me to a "known good" source of info? I've tried the man
> > pages, and Google searches, and have come up with some info, but I can't
> > verify that they are correct. As with the examples I mentioned, there are
> > similarities, but differences, and none have worked for me.
> >
> > Also, is there any "quick test" that would shed more light on what is
> going
> > wrong?
> >
> > I know this is a "newbie-ish" post, but I am in a tight situation with
> > getting a mail system to work. I've gotten Sendmail/Cyrus-IMAP running,
> but
> > from what I have read the Qmail/Courier-IMAP combo is superior software,
> and
> > I'd like to give it a shot. Any help would be appreciated.
> >
> >
> >
>
>
_______________________________________________________________
Have big pipes? SourceForge.net is looking for download mirrors. We supply
the hardware. You get the recognition. Email Us: [EMAIL PROTECTED]
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
