Robert Lubbers wrote:
I am still working on getting this IMAP server authenticating against my Windows domain PDC, and I did manage to get the POP server authenticating, which is a giant step forward. But both the IMAP component and the cyradm component are complaining: They both give me the same error message:
What version of SASL are you using? I can't reproduce this error using the current versions of Cyrus and SASL.
cyrus-server>telnet localhost 143 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. * OK cyrus.domain.com Cyrus IMAP4 v2.2.9 server ready . login cyrususer secret . NO Login failed: can't request info until later in exchange . logout * BYE LOGOUT received . OK Completed
whereas the POP3 server doesn't complain at all:
cyrus-server> telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK cyrus-server.domain.com Cyrus POP3 v2.2.9 server ready <[EMAIL PROTECTED]>
user cyrususer
+OK Name is a valid mailbox
pass intisol
+OK Mailbox locked and ready
The wild thing is that the /var/log/secure fuile shows a valid authentication for either one:
For POP3
Dec 6 10:59:51 cyrus-server saslauthd[1841]: rel_accept_lock : released accept lock
Dec 6 10:59:51 cyrus-server saslauthd[1842]: get_accept_lock : acquired accept lock
Dec 6 10:59:51 cyrus-server pam_winbind[1841]: user 'cyrususer' granted acces
Dec 6 10:59:51 cyrus-server pam_winbind[1841]: user 'cyrususer' granted acces
Dec 6 10:59:51 cyrus-server saslauthd[1841]: do_auth : auth success: [user=cyrususer] [service=pop] [realm=] [mech=pam]
Dec 6 10:59:51 cyrus-server saslauthd[1841]: do_request : response: 0
Whereas for IMAP:
Dec 6 11:03:24 cyrus-server saslauthd[1842]: rel_accept_lock : released accept lock
Dec 6 11:03:24 cyrus-server saslauthd[1837]: get_accept_lock : acquired accept lock
Dec 6 11:03:24 cyrus-server pam_winbind[1842]: user 'cyrususer' granted acces
Dec 6 11:03:24 cyrus-server pam_winbind[1842]: user 'cyrususer' granted acces
Dec 6 11:03:24 cyrus-server saslauthd[1842]: do_auth : auth success: [user=cyrususer] [service=imap] [realm=] [mech=pam]
Dec 6 11:03:24 cyrus-server saslauthd[1842]: do_request : response: OK'
See? No difference.
For cyradm: cyrus-server>cyradm --user cyrusadmin --auth login localhost IMAP Password:
Login failed: can't request info until later in exchange at /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi/Cyrus/IMAP/Admin.pm line 118
cyradm: cannot authenticate to server with login as cyrus
Yet this is a user that exists in /etc/sasldb2:
cyrus-server> sasldblistusers2
[EMAIL PROTECTED]: userPassword [EMAIL PROTECTED]: userPassword [EMAIL PROTECTED]: cmusaslsecretOTP [EMAIL PROTECTED]: cmusaslsecretOTP
Just for the sake of completeness, here is the contents of my /usr/local/lib/sasl directory:
cyrus-server> ls -l /usr/local/lib/sasl2
total 600
-rwxr-xr-x 1 root root 711 Dec 6 10:02 libanonymous.la
lrwxrwxrwx 1 root root 22 Dec 6 10:02 libanonymous.so -> libanonymous.so.2.0.20
lrwxrwxrwx 1 root root 22 Dec 6 10:02 libanonymous.so.2 -> libanonymous.so.2.0.20
-rwxr-xr-x 1 root root 89354 Dec 6 10:02 libanonymous.so.2.0.20
-rwxr-xr-x 1 root root 695 Dec 6 10:02 liblogin.la
lrwxrwxrwx 1 root root 18 Dec 6 10:02 liblogin.so -> liblogin.so.2.0.20
lrwxrwxrwx 1 root root 18 Dec 6 10:02 liblogin.so.2 -> liblogin.so.2.0.20
-rwxr-xr-x 1 root root 88558 Dec 6 10:02 liblogin.so.2.0.20
-rwxr-xr-x 1 root root 684 Dec 6 10:02 libotp.la
lrwxrwxrwx 1 root root 16 Dec 6 10:02 libotp.so -> libotp.so.2.0.20
lrwxrwxrwx 1 root root 16 Dec 6 10:02 libotp.so.2 -> libotp.so.2.0.20
-rwxr-xr-x 1 root root 155138 Dec 6 10:02 libotp.so.2.0.20
-rwxr-xr-x 1 root root 695 Dec 6 10:02 libplain.la
lrwxrwxrwx 1 root root 18 Dec 6 10:02 libplain.so -> libplain.so.2.0.20
lrwxrwxrwx 1 root root 18 Dec 6 10:02 libplain.so.2 -> libplain.so.2.0.20
-rwxr-xr-x 1 root root 88316 Dec 6 10:02 libplain.so.2.0.20
-rwxr-xr-x 1 root root 716 Dec 6 10:02 libsasldb.la
lrwxrwxrwx 1 root root 19 Dec 6 10:02 libsasldb.so -> libsasldb.so.2.0.20
lrwxrwxrwx 1 root root 19 Dec 6 10:02 libsasldb.so.2 -> libsasldb.so.2.0.20
-rwxr-xr-x 1 root root 145666 Dec 6 10:02 libsasldb.so.2.0.20
I have a sym link from /usr/local/lib/sals2 to /usr/local/lib/sasl, /usr/lib/sasl2, and /usr/lib/sasl.
Here is my /etc/imapd.conf:
postmaster: postmaster configdirectory: /var/imap partition-default: /var/spool/imap admins: noctest admin allowanonymouslogin: no allowplaintext: yes sasl_mech_list: PLAIN servername: cyrus-server.domain.com autocreatequota: 40000 reject8bit: no quotawarn: 90 timeout: 30 poptimeout: 10 dracinterval: 0 drachost: localhost sasl_pwcheck_method: saslauthd ievedir: /usr/sieve sendmail: /usr/sbin/sendmail sieve_maxscriptsize: 32 sieve_maxscripts: 5 tls_ca_file: /var/imap/server.pem tls_cert_file: /var/imap/server.pem tls_key_file: /var/imap/server.pem
--- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
-- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
