[opensuse] Problen with SLES + postfix + sals+ ldap
HEllo i am desperate and i dont kow how to solve my problem. I have install the SLES 10, i have upodate online and i have install the SP1. I want to configure one email server using postfix, sasl, cyrus and the autentication againts the ldap (localhot) I have configure into the dns server (in the same server) 6 domains. Into the email server (always using yast) y have configured the 6 domains, one master and the oherts (5) virutals. the configuration is the next (only i writte what have i change): SASLAUTHD_AUTHMECH="ldap" /etc/saslauth.conf: ldap_servers: ldap://localhost:389 ldap_search_base: ou=people,dc=domain1.com,dc=com ldap_filter: uid=%u ldap_group_scope: sub ldap_password_attr:userPassword into /usr/lib/sasl2 i have smtpd.conf: pwcheck_method: saslauthd mech_list: plain login if i make: testsaslauthd -u usuario -p pasword 0: OK "Success." 1. problem: i am using the yast for adding users and when y add one ussers and i add it email adress using the yast pluging for editing the email date from user , or if i change the password whe i finalize appears this error into the /var/logs/messages: Dec 22 11:29:54 server master[4560]: about to exec /usr/lib/cyrus/bin/imapd Dec 22 11:29:54 server imap[4560]: executed Dec 22 11:29:54 server imap[4560]: accepted connection Dec 22 11:29:54 server saslauthd[3090]: Entry not found (uid=cyrus). Dec 22 11:29:54 server saslauthd[3090]: Authentication failed for cyrus: User not found (-6) Dec 22 11:29:54 server saslauthd[3090]: do_auth : auth failure: [user=cyrus] [service=imap] [realm=] [mech=ldap] [reason=Unknown] Dec 22 11:29:54 server imap[4560]: badlogin: localhost [127.0.0.1] plaintext cyrus SASL(-13): authentication failure: checkpass failed ¿what is the problem? the cyrus user is into the /etc/passwd, is one system user. 2.- if i have 2 domains: domain1.con and domain2.com and if i what to have 2 emails addresses: info@domain1.com and info@domain2.com i have added 2 users using the yast but to the second user the yast put one email address. if i waht to use for this user other email adress i can add but is impoible to delete the yast has added email address. 3.- if i send ine email to this user appears this error message: Dec 22 11:40:05 server lmtpunix[4749]: accepted connection Dec 22 11:40:05 server lmtpunix[4749]: lmtp connection preauth'd as postman Dec 22 11:40:05 server master[4814]: about to exec /usr/lib/cyrus/bin/lmtpd Dec 22 11:40:05 server lmtpunix[4749]: verify_user(user.carlostinieblas) failed: Mailbox does not exist Dec 22 11:40:05 server lmtpunix[4814]: executed Dec 22 11:40:05 server lmtpunix[4749]: IOERROR: fstating sieve script /var/lib/sieve/c/carlos/defaultbc: No such file or directory Dec 22 11:40:05 server lmtpunix[4749]: duplicate_check: <20071222104005.743ED169A6@server.lpis.com> user.carlos 0 Dec 22 11:40:05 server lmtpunix[4749]: mystore: starting txn 2147483654 Dec 22 11:40:05 server lmtpunix[4749]: mystore: committing txn 2147483654 Dec 22 11:40:05 server lmtpunix[4749]: duplicate_mark: <20071222104005.743ED169A6@server.lpis.com> user.carlos 1198320005 43 what is the problem? the yast doesn't work well? I have into SLES support opened tow issues: #10372072571 and #10372805557 issues into the days: 13/12/2007 and 17/12/2007 and still ther eis not solution. How can i solve this problem? can anybopdy helps me? thanks -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Saturday 22 December 2007 11:46:06 Carlos wrote:
1. problem: i am using the yast for adding users and when y add one ussers and i add it email adress using the yast pluging for editing the email date from user , or if i change the password whe i finalize appears this error into the /var/logs/messages: Dec 22 11:29:54 server master[4560]: about to exec /usr/lib/cyrus/bin/imapd Dec 22 11:29:54 server imap[4560]: executed Dec 22 11:29:54 server imap[4560]: accepted connection Dec 22 11:29:54 server saslauthd[3090]: Entry not found (uid=cyrus). Dec 22 11:29:54 server saslauthd[3090]: Authentication failed for cyrus: User not found (-6) Dec 22 11:29:54 server saslauthd[3090]: do_auth : auth failure: [user=cyrus] [service=imap] [realm=] [mech=ldap] [reason=Unknown] Dec 22 11:29:54 server imap[4560]: badlogin: localhost [127.0.0.1] plaintext cyrus SASL(-13): authentication failure: checkpass failed
This looks like you're trying to log in to cyrus imap using the cyrus system user. As far as I know, the cyrus system user doesn't have an email account, so this can't be done. Are you saying YaST itself is making this connection? That's new. YaST should be storing all its info in the LDAP server. I don't think I've ever seen YaST itself make an imap connection
¿what is the problem? the cyrus user is into the /etc/passwd, is one system user. 2.- if i have 2 domains: domain1.con and domain2.com and if i what to have 2 emails addresses: info@domain1.com and info@domain2.com i have added 2 users using the yast but to the second user the yast put one email address. if i waht to use for this user other email adress i can add but is impoible to delete the yast has added email address.
Not sure about this one
Dec 22 11:40:05 server lmtpunix[4749]: IOERROR: fstating sieve script /var/lib/sieve/c/carlos/defaultbc: No such file or directory
This just means that the user hasn't created a sieve script yet. sieve is used by cyrus for server side filtering. It isn't something YaST sets up, it's something each user creates for himself Anders -- Madness takes its toll -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
i only make these changes using Yast, only yast what can i solve this problem? Can you help me? thanks ----- Original Message ----- From: "Anders Johansson" <ajh@rydsbo.net> To: <opensuse@opensuse.org> Sent: Saturday, December 22, 2007 12:36 PM Subject: Re: [opensuse] Problen with SLES + postfix + sals+ ldap On Saturday 22 December 2007 11:46:06 Carlos wrote:
1. problem: i am using the yast for adding users and when y add one ussers and i add it email adress using the yast pluging for editing the email date from user , or if i change the password whe i finalize appears this error into the /var/logs/messages: Dec 22 11:29:54 server master[4560]: about to exec /usr/lib/cyrus/bin/imapd Dec 22 11:29:54 server imap[4560]: executed Dec 22 11:29:54 server imap[4560]: accepted connection Dec 22 11:29:54 server saslauthd[3090]: Entry not found (uid=cyrus). Dec 22 11:29:54 server saslauthd[3090]: Authentication failed for cyrus: User not found (-6) Dec 22 11:29:54 server saslauthd[3090]: do_auth : auth failure: [user=cyrus] [service=imap] [realm=] [mech=ldap] [reason=Unknown] Dec 22 11:29:54 server imap[4560]: badlogin: localhost [127.0.0.1] plaintext cyrus SASL(-13): authentication failure: checkpass failed
This looks like you're trying to log in to cyrus imap using the cyrus system user. As far as I know, the cyrus system user doesn't have an email account, so this can't be done. Are you saying YaST itself is making this connection? That's new. YaST should be storing all its info in the LDAP server. I don't think I've ever seen YaST itself make an imap connection
¿what is the problem? the cyrus user is into the /etc/passwd, is one system user. 2.- if i have 2 domains: domain1.con and domain2.com and if i what to have 2 emails addresses: info@domain1.com and info@domain2.com i have added 2 users using the yast but to the second user the yast put one email address. if i waht to use for this user other email adress i can add but is impoible to delete the yast has added email address.
Not sure about this one
Dec 22 11:40:05 server lmtpunix[4749]: IOERROR: fstating sieve script /var/lib/sieve/c/carlos/defaultbc: No such file or directory
This just means that the user hasn't created a sieve script yet. sieve is used by cyrus for server side filtering. It isn't something YaST sets up, it's something each user creates for himself Anders -- Madness takes its toll -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Saturday 22 December 2007 12:57:00 Carlos wrote:
i only make these changes using Yast, only yast what can i solve this problem?
I'd need to set up a system with multiple domains in order to test your second problem. The third, as I said, isn't a problem For the first problem, either add user cyrus to your ldap, or change SASLAUTHD_AUTHMECH back to using pam so it can find your system users Anders -- Madness takes its toll -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Saturday 22 December 2007 12:57:00 Carlos wrote:
i only make these changes using Yast, only yast what can i solve this problem?
I'd need to set up a system with multiple domains in order to test your second problem. The third, as I said, isn't a problem For the first problem, either add user cyrus to your ldap, or change SASLAUTHD_AUTHMECH back to using pam so it can find your system users Anders -- Madness takes its toll -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Saturday 22 December 2007 12:36:21 Anders Johansson wrote:
Are you saying YaST itself is making this connection? That's new. YaST should be storing all its info in the LDAP server. I don't think I've ever seen YaST itself make an imap connection
My mistake. I just checked, and YaST does do an imap login as user cyrus to change settings The problem here seems to be that you've changed the defaults. The default is to use pam, which will automatically find the system users in /etc/passwd and /etc/shadow, but you've changed it to use sasl, and told sasl to only use ldap. That means you also have to add the cyrus user to ldap Anders -- Madness takes its toll -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Saturday 2007-12-22 at 13:10 +0100, Anders Johansson wrote:
The problem here seems to be that you've changed the defaults. The default is to use pam, which will automatically find the system users in /etc/passwd and /etc/shadow, but you've changed it to use sasl, and told sasl to only use ldap. That means you also have to add the cyrus user to ldap
I guess he wants to have virtual, not system, users, ie, mail only users. I suppose he would need pam for the system users, and sasl/ldap for the mail only users. This should be quite a typical thing to do in sles, should be handled automatically? - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFHblCEtTMYHG2NR9URAqDyAJ4/v2BIcoZmXqdj/2lew/Rf3IqsXgCggCsu xG0OcurtuJMm3t19pKs2Rdk= =Kyst -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sunday 23 December 2007 13:11:45 Carlos E. R. wrote:
The Saturday 2007-12-22 at 13:10 +0100, Anders Johansson wrote:
The problem here seems to be that you've changed the defaults. The default is to use pam, which will automatically find the system users in /etc/passwd and /etc/shadow, but you've changed it to use sasl, and told sasl to only use ldap. That means you also have to add the cyrus user to ldap
I guess he wants to have virtual, not system, users, ie, mail only users. I suppose he would need pam for the system users, and sasl/ldap for the mail only users. This should be quite a typical thing to do in sles, should be handled automatically?
It is. As I said, the problem is that he changed the defaults. The defaults are to use sasl with pam as backend, and to have the users stored in ldap. sasl will then, through pam, automatically pick up both the system users and the ldap users. Anders -- Madness takes its toll -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Sunday 2007-12-23 at 13:46 +0100, Anders Johansson wrote:
I guess he wants to have virtual, not system, users, ie, mail only users. I suppose he would need pam for the system users, and sasl/ldap for the mail only users. This should be quite a typical thing to do in sles, should be handled automatically?
It is. As I said, the problem is that he changed the defaults. The defaults are to use sasl with pam as backend, and to have the users stored in ldap. sasl will then, through pam, automatically pick up both the system users and the ldap users.
Ah! I see. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFHbl0btTMYHG2NR9URAkMsAJ48mpsDquMz35wiE0NLHeDSwC9fmQCeP9eI hxoi8imG0vUuHkJJxhsi9/g= =fuL2 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
hello Than thesolution is not chage the defaults for SASLAUTHD_AUTHMECH (pam) to ldap? my sister has beed asking to the spanis list and has one great problem. if she doesn't change the defaults (pam) she must to execute the command: saslpasswd2 -c -u domain user for adding each user for alowing to send emails? or the pam checks the ldap and user's passwrd? thanks ----- Original Message ----- From: "Carlos E. R." <robin.listas@telefonica.net> To: "OS-en" <opensuse@opensuse.org> Sent: Sunday, December 23, 2007 2:05 PM Subject: Re: [opensuse] Problen with SLES + postfix + sals+ ldap
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The Sunday 2007-12-23 at 13:46 +0100, Anders Johansson wrote:
I guess he wants to have virtual, not system, users, ie, mail only users. I suppose he would need pam for the system users, and sasl/ldap for the mail only users. This should be quite a typical thing to do in sles, should be handled automatically?
It is. As I said, the problem is that he changed the defaults. The defaults are to use sasl with pam as backend, and to have the users stored in ldap. sasl will then, through pam, automatically pick up both the system users and the ldap users.
Ah! I see.
- -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux)
iD8DBQFHbl0btTMYHG2NR9URAkMsAJ48mpsDquMz35wiE0NLHeDSwC9fmQCeP9eI hxoi8imG0vUuHkJJxhsi9/g= =fuL2 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sunday 23 December 2007 21:52:55 Carlos wrote:
hello Than thesolution is not chage the defaults for SASLAUTHD_AUTHMECH (pam) to ldap? my sister has beed asking to the spanis list and has one great problem.
if she doesn't change the defaults (pam) she must to execute the command: saslpasswd2 -c -u domain user for adding each user for alowing to send emails? or the pam checks the ldap and user's passwrd?
No you don't have to run saslpasswd, you only need that when saslauthd takes care of the passwords itself. When it's set to use pam, it will look in ldap if you told the system to store its users in ldap Anders -- Madness takes its toll -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
But when i used the lapd for the SASLAUTHD:AUTHMECH i had into the /etc/saslauthd.conf this: ldap_servers: ldap://localhost:389 ldap_search_base: ou=people,dc=domain,dc=com ldap_filter: uid=%U ldap_group_scope: sub ldap_password_attr:userPassword what must i to writte into this file now if the SASLAUTHD_AUTHMECH = pam? must be empty? or how must be this file? thanks? ----- Original Message ----- From: "Anders Johansson" <ajh@rydsbo.net> To: <opensuse@opensuse.org> Sent: Sunday, December 23, 2007 10:08 PM Subject: Re: [opensuse] Problen with SLES + postfix + sals+ ldap
On Sunday 23 December 2007 21:52:55 Carlos wrote:
hello Than thesolution is not chage the defaults for SASLAUTHD_AUTHMECH (pam) to ldap? my sister has beed asking to the spanis list and has one great problem.
if she doesn't change the defaults (pam) she must to execute the command: saslpasswd2 -c -u domain user for adding each user for alowing to send emails? or the pam checks the ldap and user's passwrd?
No you don't have to run saslpasswd, you only need that when saslauthd takes care of the passwords itself. When it's set to use pam, it will look in ldap if you told the system to store its users in ldap
Anders
-- Madness takes its toll -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sunday 23 December 2007 22:55:18 Carlos wrote:
But when i used the lapd for the SASLAUTHD:AUTHMECH i had into the /etc/saslauthd.conf this: ldap_servers: ldap://localhost:389 ldap_search_base: ou=people,dc=domain,dc=com ldap_filter: uid=%U ldap_group_scope: sub ldap_password_attr:userPassword
what must i to writte into this file now if the SASLAUTHD_AUTHMECH = pam? must be empty? or how must be this file?
Go to YaST, Network Services->LDAP Client and configure your LDAP settings there. This will set up /etc/ldap.conf and tell pam to use LDAP for the user data Anders -- Madness takes its toll -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Hello. thanks for your answers,a lor of thaks. i have several troubles: 1.- for configuren une email server into my SLES 10 using yast i have 10 doamins. one of them must be master tyope but the rest of them must be virtual? 2.- y have leave the pam autentification, as you say me, i have configurethe email server using cyrus (using yast) and if i send one email to root (ls | mail root) from the same machine, into the /var/log/message appears this error: Dec 24 00:04:12 server master[4131]: about to exec /usr/lib/cyrus/bin/lmtpd Dec 24 00:04:12 server lmtpunix[4131]: executed Dec 24 00:04:12 server lmtpunix[4131]: accepted connection Dec 24 00:04:12 server lmtpunix[4131]: lmtp connection preauth'd as postman Dec 24 00:04:12 server lmtpunix[4131]: verify_user(user.root) failed: Mailbox does not exist Dec 24 00:04:12 server lmtpunix[4131]: verify_user(user.root) failed: Mailbox does not exist how can i solve it? thanks ----- Original Message ----- From: "Anders Johansson" <ajh@rydsbo.net> To: <opensuse@opensuse.org> Sent: Sunday, December 23, 2007 11:12 PM Subject: Re: [opensuse] Problen with SLES + postfix + sals+ ldap
On Sunday 23 December 2007 22:55:18 Carlos wrote:
But when i used the lapd for the SASLAUTHD:AUTHMECH i had into the /etc/saslauthd.conf this: ldap_servers: ldap://localhost:389 ldap_search_base: ou=people,dc=domain,dc=com ldap_filter: uid=%U ldap_group_scope: sub ldap_password_attr:userPassword
what must i to writte into this file now if the SASLAUTHD_AUTHMECH = pam? must be empty? or how must be this file?
Go to YaST, Network Services->LDAP Client and configure your LDAP settings there. This will set up /etc/ldap.conf and tell pam to use LDAP for the user data
Anders
-- Madness takes its toll -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Monday 24 December 2007 00:04:02 Carlos wrote:
Hello. thanks for your answers,a lor of thaks. i have several troubles:
1.- for configuren une email server into my SLES 10 using yast i have 10 doamins. one of them must be master tyope but the rest of them must be virtual?
A machine can only have one domain, so if you like, that is the master domain, and by default that is what is set up for postfix. Other domains in postfix can be virtual or canonical, it all depends on if they have separate users or not. But no, they don't have to be virtual
2.- y have leave the pam autentification, as you say me, i have configurethe email server using cyrus (using yast) and if i send one email to root (ls | mail root) from the same machine, into the /var/log/message appears this error: Dec 24 00:04:12 server master[4131]: about to exec /usr/lib/cyrus/bin/lmtpd Dec 24 00:04:12 server lmtpunix[4131]: executed Dec 24 00:04:12 server lmtpunix[4131]: accepted connection Dec 24 00:04:12 server lmtpunix[4131]: lmtp connection preauth'd as postman Dec 24 00:04:12 server lmtpunix[4131]: verify_user(user.root) failed: Mailbox does not exist Dec 24 00:04:12 server lmtpunix[4131]: verify_user(user.root) failed: Mailbox does not exist
how can i solve it?
The normal solution is to check the box "receive system mail" in the user configuration for one of your users. An alternative would be to log into cyrus once with your root account. That will create the mailbox. But I would prefer the first version if I were you. You shouldn't use the root account unless you absolutely have to. It's much better to designate a normal user (or a couple of them) as administrative user, and send the mail to him/them instead Anders -- Madness takes its toll -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (3)
-
Anders Johansson -
Carlos -
Carlos E. R.