|[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]|
On 25/01/10 18:55 +0100, Eric Belhomme wrote:
* What I want to do ? - enable SASL auth for postfix - migrate from dovecot to cyrus Imapd+Murder - enable SASL auth for cyrus imapd and murder, using my LDAP directory * What I did : installing saslauthd with this config : ldap_servers: ldap://127.0.0.1/ ldap_bind_dn: cn=saslauth,dc=eve-team,dc=com ldap_bind_pw: ***passwd*** ldap_filter: (&(uid=%u)(objectClass=evePerson)) ldap_search_base: ou=People,dc=eve-team,dc=com ldap_scope: one Then I started saslauthd daemon like this : /usr/sbin/saslauthd -a ldap -c -m /var/run/saslauthd -d
Try using the testsaslauthd to verify your saslauthd config.
Finally, I tried to test the auth with test tools : On a shell :cyrus:~# sasl-sample-server -s host -p /usr/lib/sasl2 Generating client mechanism list...Sending list of 6 mechanism(s) S: TE9HSU4gRElHRVNULU1ENSBQTEFJTiBDUkFNLU1ENSBOVExNIEFOT05ZTU9VUw== Waiting for client mechanism...
saslauthd will not be used by default, without customizing your sasl configuration. You will need to configure the 'pwcheck_method' to include the saslauthd option: echo "pwcheck_method: saslauthd" > /usr/lib/sasl2/sample.conf (which sasl-sample-server should reference) You will also need to set the same setting for your postfix sasl config: /etc/postfix/sasl/smtpd.conf, and within your imapd.conf (sasl_pwcheck_method). By default, the sasl library will query your auxprop plugins for plain text authentication, rather than saslauthd. The sasl library options are documented in 'doc/options.html' within the sasl source. -- Dan White