Re: [exim] cyrus sasl authentication problems [solved]

Top Page
Delete this message
Reply to this message
Author: Ross Boylan
Date:  
To: exim-users
CC: ross
Old-Topics: Re: [exim] cyrus sasl authentication problems
Subject: Re: [exim] cyrus sasl authentication problems [solved]
On Thu, 2008-01-10 at 21:57 -0800, Phil Pennock wrote:
> On 2008-01-10 at 22:19 -0500, Ross Boylan wrote:
> > I thought server_realm was required. I tried taking it out and
> > providing various @ parts for the user name (before I had just the
> > name). None of this worked.
> >
> > I'm also not sure if specifying server_hostname would help.
>
> Your usercode wasn't being found. What happens if you run
> sasldblistusers2 as a user who can read the DB file? It should list
> lines of "user@realm: userPassword"; the realm will be the one you need
> to see in Exim; it defaults to the host fqdn so if you created the user
> accounts on the host with saslpasswd2 then that's the realm you need to
> see.

sasldblistuser2 showed the realm had the unqualified hostname. I put
that in the authenticator as server_realm and now it works!

I'm not sure how I got that realm or why Cyrus Imap works without
complaints, but everything's good now.

Thanks so much for your help.

One lesson here is that server_realm applies to the Cyrus SASL
authenticator even if one is not using Kerberos.

>
> If you're still stuck, then "strings sasldb2" has also helped me in the
> past.
>
> -Phil