From: Andreas Winkelmann (mlawinkelmann.de)
Date: Wed Jan 04 2006 - 06:06:17 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Am Wednesday 04 January 2006 12:31 schrieb newbie:

> Back on the new year with an auth issue with my postfix 2.2.7.
>
> So I went up to that point :
>
> My query works in Mysql ( SELECT password FROM users WHERE userid
> 'userdomain' ), and saslauthd also does that same query when i m doing a :
> testsaslauthd -u userdomain -p passowrd -s smtp
> but I get this result :
>
> 0: NO "authentication failed"
>
> I tested pam_mysql-0.50-6 and pam_mysql-0.6.2-2-fc4 packages but the
> result is the same
>
> Here are my conf files related to this :
>
> #cat /usr/lib/sasl2/smtpd.conf
> pwcheck_method: saslauthd
> mech_list: PLAIN LOGIN
>
> # cat /etc/sysconfig/saslauthd
> # Directory in which to place saslauthd's listening socket, pid file, and
> so # on. This directory must already exist.
> SOCKETDIR=/var/run/saslauthd
>
> # Mechanism to use when checking passwords. Run "saslauthd -v" to get a
> list
> # of which mechanism your installation was compiled to use.
> MECH=pam
>
> # Additional flags to pass to saslauthd on the command line. See
> saslauthd(8)
> # for the list of accepted flags.
> FLAGS="-V -r -n 0"
>
> My messages output for this is :
>
> do_auth : auth failure: [user=toto] [service=smtp] [realm=]
> [mech=pam] [reason=PAM acct error]
>
> I used a username with and without a " " in it, but the problem is
> still the same.

Which Cyrus-SASL Version do you use? I would guess it is 2.1.17 or 2.1.18.
With this versions you have no luck with Usernames with "domain"-Part. Use
at least 2.1.19.

Second, check your PAM-Configuration (/etc/pam.d/smtp). The Error comes from
the Account-Stack, so it seems the Auth-Stack is already passed. Why with
only Username without Domain? Show your PAM-Config.

--
        Andreas

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]