> Also, have any idea what is causing the following error? > > unable to get entry point sasl_client_plug_init in /usr/lib/sasl/libsasldb.so: > /usr/local/lib/libsasl.so.7: undefined symbol: sasl_client_plug_init
After further investigation, I discovered: 1. Comment out all references to "pam_ldap.so" in "system-auth" and the error messages are not generated upon "login" 2. The local LDAP server was not started, therefore "pam_ldap.so" had no server to authenticate against. 3. Undue steps in 1 and authentication works as expected. Next, "imtest" successfully authenticates accounts known to "sasldb2", however "imtest" fails if an LDAP account is specified -> imapd[1063]: badlogin: localhost[127.0.0.1] DIGEST-MD5 [SASL(-13): user not found: no secret in database] per the above "badlogin" message, this may be expected "imtest" behavior but, when authenticating via an email client the following is logged -> imapd[1063]: badlogin: mailsrv[x.x.x.] plaintext imapuser SASL(-1): generic failure: checkpass failed The "imap" file in "/etc/pam.d" contains: #%PAM-1.0 auth sufficient pam_ldap.so auth required pam_unix_auth.so account sufficient pam_ldap.so account required pam_unix_acct.so and... the pwcheck method in "/etc/cyrus.conf" is: sasl_pwcheck_method: auxprop Question: is "the pam_ldap" authentication module deprecated as of SASL V2? >From SASL Archive note: 1559, a patch to perform LDAP authentication via the auxprop plugin for SASL V2 is suggested. B4 I arbitrarily apply this patch, can someone please clarify or point me to the doc discussing auxprop, SASL V2 and LDAP? RB >> Every plugin that supports a client-side SASL negotiation should export >> this (which is basically all of the included ones, except for libsasldb). >> -Rob