All, I posted this to cyrus imap's list, but no response. The local list seems to be much more helpful:)
Anyway, I'm trying to understand the inner workings of cyrus sasl, in order to authenticate against LDAP via pam (imap-->sasl-->pam-->ldap). I've got an error in my understanding since it won't work. Here's what I THOUGHT my options were for configuring cyrus imap to authenticate against LDAP: 1. --imapd.conf file has NO sasl parameters. --imapd file in sasl2 folder has one paramter pwcheck_method:pam This option does NOT run against the saslauthd daemon. IMAP knows to use SASL, and checks for the sasl config file which says don't use SASL, forward to PAM directly. I have my PAM imap file configured to use LDAP (/etc/ldap.conf). 2. --imapd.conf file has sasl_pwcheck_method:pam This is the same as #1 3. --imapd.conf file has no sasl parameter. --imapd file is sasl2 folder has one parameter pwcheck_method:saslauthd This option tells the imapd to forward the parameters to the saslauthd daemon. When the sasl daemon is started, the desired login mechanism is passed as a parameter (saslauthd -a pam). I have my PAM imap file configured to use LDAP (/etc/ldap.conf) 4. --imapd.conf file has sasl_pwcheck_method:saslauthd Same as #3. 5. --imapd.conf file has no sasl parameter. --imapd file in sasl2 folder has one parameter pwcheck_method:ldap This is similar to PAM process (#1) imap looks up imapd file and determines it's pam and uses sasl to configure against pam. The saslauthd.conf file stores the ldap config information. 6. --imapd.conf file has sasl_pwcheck_method:ldap Same as 5. The saslauthd.conf file stores the ldap config information. 7. --imapd.conf file has no sasl parameter. --imapd file is sasl2 folder has one parameter pwcheck_method:saslauthd This option tells the imapd to forward the parameters to the saslauthd daemon. When the sasl daemon is started, the desired login mechanism is passed as a parameter (saslauthd -a ldap). The saslauthd daemon uses the /saslauthd.conf file to store it's ldap config information. 8. --imapd.conf file has sasl_pwcheck_method:saslauthd Same as #7. Thanks in advance for clarifying this for me. Kevin Williams _______________________________________________ PDXLUG mailing list [EMAIL PROTECTED] http://pdxlug.org/mailman/listinfo/pdxlug
