From: Victor Duchovni on 19 May 2010 14:36 On Wed, May 19, 2010 at 08:19:40AM +0200, Julien Vehent wrote: > > What is in the IMAP server SASL configuration file? > > The following: > > ---- > # grep -E "sasl|ldap" /etc/imapd.conf |grep -v "^#" > sasl_pwcheck_method: auxprop > sasl_auxprop_plugin: ldapdb > sasl_auto_transition: no > sasl_ldapdb_uri: ldap://localhost > sasl_ldapdb_id: cyrus > sasl_ldapdb_pw: zzzzZZZZZzzzzzZZZZ This looks different from my recollection of the the smtpd.conf you posted, you may want to make sure that the "sasl_ldapdb_id" and passwords are the same, and I don't know what "auto_transition" does, but it may be pertinent also. -- Viktor. P.S. Morgan Stanley is looking for a New York City based, Senior Unix system/email administrator to architect and sustain our perimeter email environment. If you are interested, please drop me a note.
From: Julien Vehent on 19 May 2010 18:23 On Wed, 19 May 2010 14:36:24 -0400, Victor Duchovni <Victor.Duchovni(a)morganstanley.com> wrote: > > This looks different from my recollection of the the smtpd.conf you > posted, you may want to make sure that the "sasl_ldapdb_id" and > passwords are the same, and I don't know what "auto_transition" > does, but it may be pertinent also. I tried the following 'smtpd.conf': ---- # cat smtpd.conf pwcheck_method: auxprop auxprop_plugin: ldapdb mech_list: DIGEST-MD5 PLAIN LOGIN sasl_ldapdb_uri: ldap://localhost sasl_ldapdb_id: postfix sasl_ldapdb_pw: f4oi6u87j687qzer613bv867zq43o sasl_ldapdb_mech: DIGEST-MD5 ---- But it gives me the same error and the following logs: ---- May 20 00:11:07 samchiel postfix/smtpd[25547]: < localhost[127.0.0.1]: auth plain xxxXXXXXxxxxxXXXXX May 20 00:11:07 samchiel postfix/smtpd[25547]: xsasl_cyrus_server_first: sasl_method plain, init_response xxxXXXXXxxxxxXXXXX May 20 00:11:07 samchiel postfix/smtpd[25547]: xsasl_cyrus_server_first: decoded initial response May 20 00:11:07 samchiel postfix/smtpd[25547]: SASL authentication debug: could not find auxprop plugin, was searching for 'ldapdb' May 20 00:11:07 samchiel postfix/smtpd[25547]: SASL authentication debug: could not find auxprop plugin, was searching for 'ldapdb' May 20 00:11:07 samchiel postfix/smtpd[25547]: SASL authentication debug: could not find auxprop plugin, was searching for 'ldapdb' May 20 00:11:07 samchiel postfix/smtpd[25547]: warning: SASL authentication failure: Password verification failed May 20 00:11:07 samchiel postfix/smtpd[25547]: warning: localhost[127.0.0.1]: SASL plain authentication failed: authentication failure May 20 00:11:07 samchiel postfix/smtpd[25547]: > localhost[127.0.0.1]: 535 5.7.8 Error: authentication failed: authentication failure ---- And if, in addition, I change 'pwcheck_method' to 'sasl_pwcheck_method', it just skips the directives and goes back to the default value that looks for a '/etc/sasldb2' file. Once again, I checked all my packages, and I think I have everything installed. Particularly 'ldapdb' for sasl2: ---- # ls -l /usr/lib/sasl2/ |grep ldapdb -rw-r--r-- 1 root root 13748 Dec 29 01:10 libldapdb.a -rw-r--r-- 1 root root 976 Dec 29 01:10 libldapdb.la lrwxrwxrwx 1 root root 19 May 10 12:18 libldapdb.so -> libldapdb.so.2.0.23 lrwxrwxrwx 1 root root 19 May 10 12:18 libldapdb.so.2 -> libldapdb.so.2.0.23 -rw-r--r-- 1 root root 14556 Dec 29 01:10 libldapdb.so.2.0.23 ---- I keep searching, but I really cannot find any piece of working configuration... do you happen to have an example somewhere ??? Thanks a lot, Julien
From: Victor Duchovni on 19 May 2010 19:35 On Thu, May 20, 2010 at 12:23:46AM +0200, Julien Vehent wrote: > On Wed, 19 May 2010 14:36:24 -0400, Victor Duchovni > <Victor.Duchovni(a)morganstanley.com> wrote: > > > > This looks different from my recollection of the the smtpd.conf you > > posted, you may want to make sure that the "sasl_ldapdb_id" and > > passwords are the same, and I don't know what "auto_transition" > > does, but it may be pertinent also. > > I tried the following 'smtpd.conf': > > ---- > # cat smtpd.conf > pwcheck_method: auxprop > auxprop_plugin: ldapdb > mech_list: DIGEST-MD5 PLAIN LOGIN > sasl_ldapdb_uri: ldap://localhost > sasl_ldapdb_id: postfix > sasl_ldapdb_pw: f4oi6u87j687qzer613bv867zq43o > sasl_ldapdb_mech: DIGEST-MD5 > ---- Why did you change "cyrus" to "postfix"? Does this "postfix" user have the same rights as "cyrus" to do proxy authentication? > > auth plain xxxXXXXXxxxxxXXXXX > May 20 00:11:07 samchiel postfix/smtpd[25547]: xsasl_cyrus_server_first: > sasl_method plain, init_response xxxXXXXXxxxxxXXXXX > May 20 00:11:07 samchiel postfix/smtpd[25547]: xsasl_cyrus_server_first: > decoded initial response > May 20 00:11:07 samchiel postfix/smtpd[25547]: SASL authentication debug: > could not find auxprop plugin, was searching for 'ldapdb' > May 20 00:11:07 samchiel postfix/smtpd[25547]: SASL authentication debug: > could not find auxprop plugin, was searching for 'ldapdb' Is your SMTP server chrooted? Have you configured a non-default Cyrus plugin search path? > Once again, I checked all my packages, and I think I have everything > installed. Particularly 'ldapdb' for sasl2: > > ---- > # ls -l /usr/lib/sasl2/ |grep ldapdb > -rw-r--r-- 1 root root 13748 Dec 29 01:10 libldapdb.a > -rw-r--r-- 1 root root 976 Dec 29 01:10 libldapdb.la > lrwxrwxrwx 1 root root 19 May 10 12:18 libldapdb.so -> > libldapdb.so.2.0.23 > lrwxrwxrwx 1 root root 19 May 10 12:18 libldapdb.so.2 -> > libldapdb.so.2.0.23 > -rw-r--r-- 1 root root 14556 Dec 29 01:10 libldapdb.so.2.0.23 Well, the SMTP server may be chrooted, or may be looking outside /usr/lib/sasl2. -- Viktor. P.S. Morgan Stanley is looking for a New York City based, Senior Unix system/email administrator to architect and sustain our perimeter email environment. If you are interested, please drop me a note.
First
|
Prev
|
Pages: 1 2 Prev: looking for an SMTP testing tool Next: postmaster problem with virtual and mysql |