Mailinglist Archive: opensuse-security (485 mails)

< Previous Next >
postfix/imap/cyrus-sasl and Pam backend
  • From: Markus Feilner <lists@xxxxxxxxxxxxxx>
  • Date: Wed, 10 Mar 2004 12:11:39 +0100
  • Message-id: <200403101211.39554.lists@xxxxxxxxxxxxxx>
Hello List,
I am looking for a site with good information about postfix, cyrus-sasl
(and later kerberos authentikation against Active Directory). I have
postifix and imap running with cyrus sasl and sasldb, but i did not
manage to get it to authenticate against pam or kerberos.
I have been googling, but i could not find a solution.

I know that:
- /etc/sysconfig/saslauthd tells saslauthd which mech to use.
the entry is:
SASLAUTHD_AUTHMECH=pam

- /usr/lib/sasl2/smtpd.conf
pwcheck_method: saslauthd
mechlist: plain login crammd5 digestmd5

-/etc/posstfix/main.cf
for testing:
(...)
smtpd_sender_restrictions = permit_sasl_authenticated,
permit_mynetworks, reject
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
(...)

Now: postfix grants all users access based on user/password kombinations
in sasldb - and only those users. Shouldn't saslauth use the local
user/password Kombination?
(BTW: Why does sasl with PAM only work with PLAIN?)

Thanks a lot!
--
Mit freundlichen Grüßen
Markus Feilner
--
Linux Solutions, Training, Seminare und Workshops - auch Inhouse
Feilner IT Linux & GIS Erlangerstr. 2 93059 Regensburg
fon: +49 941 70 65 23 - mobil: +49 170 302 709 2
web: http://feilner-it.net mail: mfeilner@xxxxxxxxxxxxxx

< Previous Next >
Follow Ups