Hello Patrick, see also https://bugs.openldap.org/show_bug.cgi?id=7419 .
You might have success using password_method: saslauthd, starting saslauthd in PAM mode and then configuring pam_ldap as one of the PAM mechanisms. Long time ago this worked for me. Gretings Дилян На 6 ноември 2021 г. 23:38:40 GMT+02:00, PFiver via SASL <[email protected]> написа: > ... I've arrived here, it seems: > https://github.com/cyrusimap/cyrus-sasl/issues/374 > > .... well no ... I have no clue, ... but anyway .... this seems completely > borked .... :-) ... you see: imapd lets me in now without any checks .... it > _is_ in fact, of course, not talking to the LDAP ! ... whoa.... scary! :-/ > ... maybe I should just stick to dovecot :-\\ ... if only it had cal/carddav > > ubuntu@nexus:~$ /usr/lib/cyrus/bin/imtest -m plain -a patricsk -w asdf > localhost > S: * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS AUTH=DIGEST-MD5 > AUTH=NTLM AUTH=CRAM-MD5 AUTH=PLAIN AUTH=LOGIN SASL-IR] nexus Cyrus IMAP > 3.0.13-Debian-3.0.13-5 server ready > C: A01 AUTHENTICATE PLAIN AHBhdHJpY3NrAGFzZGY= > S: A01 OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE ACL RIGHTS=kxten QUOTA > MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN > MULTIAPPEND BINARY CATENATE CONDSTORE ESEARCH SEARCH=FUZZY SORT SORT=MODSEQ > SORT=DISPLAY SORT=UID THREAD=ORDEREDSUBJECT THREAD=REFERENCES THREAD=REFS > ANNOTATEMORE ANNOTATE-EXPERIMENT-1 METADATA LIST-EXTENDED LIST-STATUS > LIST-MYRIGHTS LIST-METADATA WITHIN QRESYNC SCAN XLIST XMOVE MOVE SPECIAL-USE > CREATE-SPECIAL-USE DIGEST=SHA1 X-REPLICATION URLAUTH URLAUTH=BINARY > LOGINDISABLED COMPRESS=DEFLATE X-QUOTA=STORAGE X-QUOTA=MESSAGE > X-QUOTA=X-ANNOTATION-STORAGE X-QUOTA=X-NUM-FOLDERS IDLE] Success (no > protection) SESSIONID=<cyrus-227142-1636234462-1-13065162235787530761> > Authenticated. > Security strength factor: 0 > ^CC: Q01 LOGOUT > Connection closed. > > ubuntu@nexus:~$ /usr/lib/cyrus/bin/imtest -m plain -a foo -w bar localhost > S: * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS AUTH=DIGEST-MD5 > AUTH=NTLM AUTH=CRAM-MD5 AUTH=PLAIN AUTH=LOGIN SASL-IR] nexus Cyrus IMAP > 3.0.13-Debian-3.0.13-5 server ready > C: A01 AUTHENTICATE PLAIN AGZvbwBiYXI= > S: A01 OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE ACL RIGHTS=kxten QUOTA > MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN > MULTIAPPEND BINARY CATENATE CONDSTORE ESEARCH SEARCH=FUZZY SORT SORT=MODSEQ > SORT=DISPLAY SORT=UID THREAD=ORDEREDSUBJECT THREAD=REFERENCES THREAD=REFS > ANNOTATEMORE ANNOTATE-EXPERIMENT-1 METADATA LIST-EXTENDED LIST-STATUS > LIST-MYRIGHTS LIST-METADATA WITHIN QRESYNC SCAN XLIST XMOVE MOVE SPECIAL-USE > CREATE-SPECIAL-USE DIGEST=SHA1 X-REPLICATION URLAUTH URLAUTH=BINARY > LOGINDISABLED COMPRESS=DEFLATE X-QUOTA=STORAGE X-QUOTA=MESSAGE > X-QUOTA=X-ANNOTATION-STORAGE X-QUOTA=X-NUM-FOLDERS IDLE] Success (no > protection) SESSIONID=<cyrus-227142-1636234480-1-7399361506862257072> > Authenticated. > > Nov 06 21:34:22 nexus cyrus/master[227109]: service imaplocal/ipv4 pid > 227142: receiving messages from long dead children > Nov 06 21:34:22 nexus cyrus/imaplocal[227142]: login: localhost [127.0.0.1] > patricsk PLAIN User logged in > SESSIONID=<cyrus-227142-1636234462-1-13065162235787530761> > Nov 06 21:34:22 nexus cyrus/imaplocal[227142]: autocreateinbox: User > patricsk, INBOX was successfully created > Nov 06 21:34:26 nexus cyrus/imaplocal[227142]: USAGE patricsk user: 0.008427 > sys: 0.014046 > Nov 06 21:34:26 nexus cyrus/master[227109]: service imaplocal/ipv4 pid > 227142: receiving messages from long dead children > > Nov 06 21:34:40 nexus imtest[227143]: ldapdb > Nov 06 21:34:40 nexus imtest[227143]: _sasl_plugin_load failed on > sasl_canonuser_init > Nov 06 21:34:40 nexus cyrus/master[227109]: service imaplocal/ipv4 pid > 227142: receiving messages from long dead children > Nov 06 21:34:40 nexus cyrus/imaplocal[227142]: login: localhost [127.0.0.1] > foo PLAIN User logged in > SESSIONID=<cyrus-227142-1636234480-1-7399361506862257072> > Nov 06 21:34:40 nexus cyrus/imaplocal[227142]: autocreateinbox: User foo, > INBOX was successfully created ------------------------------------------ Cyrus: SASL Permalink: https://cyrus.topicbox.com/groups/sasl/T2c60ca246b64197b-M5c51b2c6b126b4e246df1ffb Delivery options: https://cyrus.topicbox.com/groups/sasl/subscription
