Discussion:
auxpropfunc error invalid parameter supplied
ml ml
2010-03-07 16:32:17 UTC
Permalink
Hello List,

i cant seem to get my saslauth working. Testsaslauth works for my user:
testsaslauthd -u mario -p test
0: OK "Success."


cyradm --user mario --auth login localhost
IMAP Password:
Login only available under a layer at
/usr/lib/perl5/Cyrus/IMAP/Admin.pm line 119
cyradm: cannot authenticate to server with login as mario

auth.log:
--------------------------------------------------------------------
imap[21753]: auxpropfunc error invalid parameter supplied
imap[21753]: _sasl_plugin_load failed on sasl_auxprop_plug_init for
plugin: ldapdb


cat /etc/imapd.conf
-------------------------
configdirectory: /var/imap
partition-default: /var/spool/imap
admins: cyrus mario
sasl_mech_list: PLAIN
sasl_pwcheck_method: saslauthd


Has anyone an idea why it wants ldapdb here? Why does the authentification fail?

Cheers,
Mario
Dan White
2010-03-08 03:41:34 UTC
Permalink
Post by ml ml
testsaslauthd -u mario -p test
0: OK "Success."
cyradm --user mario --auth login localhost
Login only available under a layer at
/usr/lib/perl5/Cyrus/IMAP/Admin.pm line 119
cyradm: cannot authenticate to server with login as mario
That's a Cyrus IMAP specific issue. With default configuration, it does
not allow transmission of a clear text password. You can enable the
'allowplaintext' imapd.conf option to change that behavior, or use a
connection which provides some level of encryption.
Post by ml ml
--------------------------------------------------------------------
imap[21753]: auxpropfunc error invalid parameter supplied
imap[21753]: _sasl_plugin_load failed on sasl_auxprop_plug_init for
plugin: ldapdb
cat /etc/imapd.conf
-------------------------
configdirectory: /var/imap
partition-default: /var/spool/imap
admins: cyrus mario
sasl_mech_list: PLAIN
sasl_pwcheck_method: saslauthd
Has anyone an idea why it wants ldapdb here? Why does the authentification fail?
The errors your seeing are spurious, since you're using saslauthd to
authenticate. It's an error indicating that you're missing a required
config option in /etc/imapd.conf - the sasl_ldapdb_uri option.

You can get rid of the error in imapd.conf with:

sasl_auxprop_plugin: sasldb

Or by removing the ldapdb shared library.
--
Dan White
ml ml
2010-03-08 09:20:52 UTC
Permalink
Hi Dan,

i still dont get it:

~# testsaslauthd -u mario2 -p test
0: OK "Success."


~# imtest -u mario2 -m login -w test localhost
S: * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID AUTH=CRAM-MD5
AUTH=PLAIN SASL-IR COMPRESS=DEFLATE] Testfix Cyrus IMAP v2.3.16 server
ready
C: L01 LOGIN root {4}
S: + go ahead
C: <omitted>
S: L01 NO Login failed: generic failure
Authentication failed. generic failure
Security strength factor: 0


imapd.conf (diffrent config this time!!!):
================
configdirectory: /usr/local/example-admin/cyrus/var/imap
defaultpartition: default
partition-default: /var/spool/cyrus/mail
partition-news: /var/spool/cyrus/news
newsspool: /var/spool/news
altnamespace: no
unixhierarchysep: no
lmtp_downcase_rcpt: yes
admins: cyrus
allowanonymouslogin: no
popminpoll: 1
autocreatequota: 0
umask: 077
sieveusehomedir: false
sievedir: /var/spool/sieve
hashimapspool: true
allowplaintext: yes
sasl_mech_list: CLEAR CRAM-MD5 PLAIN
tls_ca_path: /etc/ssl/certs
tls_session_timeout: 1440
tls_cipher_list: TLSv1+HIGH:!aNULL:@STRENGTH
lmtpsocket: /usr/local/example-admin/cyrus/var/socket/lmtp
idlemethod: poll
idlesocket: /var/run/cyrus/socket/idle
notifysocket: /var/run/cyrus/socket/notify
syslog_prefix: cyrus
sasl_pwcheck_method: saslauthd


auth.log:
===========
Mar 8 10:16:52 Testfix cyrus/imap[1554]: auxpropfunc error invalid
parameter supplied
Mar 8 10:16:52 Testfix cyrus/imap[1554]: _sasl_plugin_load failed on
sasl_auxprop_plug_init for plugin: ldapdb


syslog:
==========
Mar 8 10:16:52 Testfix cyrus/master[1554]: about to exec
/usr/local/example-admin//cyrus/bin/imapd
Mar 8 10:16:52 Testfix cyrus/imap[1554]: executed
Mar 8 10:16:52 Testfix cyrus/imap[1554]: accepted connection
Mar 8 10:16:52 Testfix cyrus/imap[1554]: badlogin: localhost [::1]
plaintext root SASL(-1): generic failure: checkpass failed


Any further ideas?

Cheers,
Mario
Post by Dan White
Post by ml ml
testsaslauthd -u mario -p test
0: OK "Success."
cyradm --user mario --auth login localhost
            Login only available under a layer at
/usr/lib/perl5/Cyrus/IMAP/Admin.pm line 119
cyradm: cannot authenticate to server with login as mario
That's a Cyrus IMAP specific issue. With default configuration, it does
not allow transmission of a clear text password. You can enable the
'allowplaintext' imapd.conf option to change that behavior, or use a
connection which provides some level of encryption.
Post by ml ml
--------------------------------------------------------------------
imap[21753]: auxpropfunc error invalid parameter supplied
imap[21753]: _sasl_plugin_load failed on sasl_auxprop_plug_init for
plugin: ldapdb
cat /etc/imapd.conf
-------------------------
configdirectory: /var/imap
partition-default: /var/spool/imap
admins: cyrus mario
sasl_mech_list: PLAIN
sasl_pwcheck_method: saslauthd
Has anyone an idea why it wants ldapdb here? Why does the authentification fail?
The errors your seeing are spurious, since you're using saslauthd to
authenticate. It's an error indicating that you're missing a required
config option in /etc/imapd.conf - the sasl_ldapdb_uri option.
sasl_auxprop_plugin: sasldb
Or by removing the ldapdb shared library.
--
Dan White
Dan White
2010-03-08 14:11:03 UTC
Permalink
Post by ml ml
~# imtest -u mario2 -m login -w test localhost
sasl_mech_list: CLEAR CRAM-MD5 PLAIN
... you're telling cyrus IMAP to only offer these 3 mechs.

You probably want:

sasl_mech_list: PLAIN LOGIN
Post by ml ml
Post by Dan White
Post by ml ml
testsaslauthd -u mario -p test
0: OK "Success."
cyradm --user mario --auth login localhost
            Login only available under a layer at
/usr/lib/perl5/Cyrus/IMAP/Admin.pm line 119
cyradm: cannot authenticate to server with login as mario
That's a Cyrus IMAP specific issue. With default configuration, it does
not allow transmission of a clear text password. You can enable the
'allowplaintext' imapd.conf option to change that behavior, or use a
connection which provides some level of encryption.
Post by ml ml
--------------------------------------------------------------------
imap[21753]: auxpropfunc error invalid parameter supplied
imap[21753]: _sasl_plugin_load failed on sasl_auxprop_plug_init for
plugin: ldapdb
cat /etc/imapd.conf
-------------------------
configdirectory: /var/imap
partition-default: /var/spool/imap
admins: cyrus mario
sasl_mech_list: PLAIN
sasl_pwcheck_method: saslauthd
Has anyone an idea why it wants ldapdb here? Why does the authentification fail?
The errors your seeing are spurious, since you're using saslauthd to
authenticate. It's an error indicating that you're missing a required
config option in /etc/imapd.conf - the sasl_ldapdb_uri option.
sasl_auxprop_plugin: sasldb
Or by removing the ldapdb shared library.
--
Dan White
--
Dan White
ml ml
2010-03-08 14:44:34 UTC
Permalink
Hi Dan,

well...still the same here :-(


imtest -u mario2 -m login -w test localhost
S: * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID AUTH=PLAIN AUTH=LOGIN
SASL-IR COMPRESS=DEFLATE] Testfix Cyrus IMAP v2.3.16 server ready
C: L01 LOGIN root {4}
S: + go ahead
C: <omitted>
S: L01 NO Login failed: generic failure
Authentication failed. generic failure
Security strength factor: 0



Thanks a lot!

Mario
Post by Dan White
Post by ml ml
~# imtest -u mario2 -m login -w test localhost
sasl_mech_list: CLEAR CRAM-MD5 PLAIN
... you're telling cyrus IMAP to only offer these 3 mechs.
sasl_mech_list: PLAIN LOGIN
Post by ml ml
Post by Dan White
Post by ml ml
testsaslauthd -u mario -p test
0: OK "Success."
cyradm --user mario --auth login localhost
            Login only available under a layer at
/usr/lib/perl5/Cyrus/IMAP/Admin.pm line 119
cyradm: cannot authenticate to server with login as mario
That's a Cyrus IMAP specific issue. With default configuration, it does
not allow transmission of a clear text password. You can enable the
'allowplaintext' imapd.conf option to change that behavior, or use a
connection which provides some level of encryption.
Post by ml ml
--------------------------------------------------------------------
imap[21753]: auxpropfunc error invalid parameter supplied
imap[21753]: _sasl_plugin_load failed on sasl_auxprop_plug_init for
plugin: ldapdb
cat /etc/imapd.conf
-------------------------
configdirectory: /var/imap
partition-default: /var/spool/imap
admins: cyrus mario
sasl_mech_list: PLAIN
sasl_pwcheck_method: saslauthd
Has anyone an idea why it wants ldapdb here? Why does the
authentification
fail?
The errors your seeing are spurious, since you're using saslauthd to
authenticate. It's an error indicating that you're missing a required
config option in /etc/imapd.conf - the sasl_ldapdb_uri option.
sasl_auxprop_plugin: sasldb
Or by removing the ldapdb shared library.
--
Dan White
--
Dan White
Dan White
2010-03-08 14:47:37 UTC
Permalink
Post by ml ml
imtest -u mario2 -m login -w test localhost
S: * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID AUTH=PLAIN AUTH=LOGIN
SASL-IR COMPRESS=DEFLATE] Testfix Cyrus IMAP v2.3.16 server ready
C: L01 LOGIN root {4}
S: + go ahead
C: <omitted>
S: L01 NO Login failed: generic failure
Authentication failed. generic failure
Security strength factor: 0
You should use '-a mario2' rather than '-u mario2'. It's trying to login as
root with the command as you have it.
Post by ml ml
Post by Dan White
Post by ml ml
~# imtest -u mario2 -m login -w test localhost
sasl_mech_list: CLEAR CRAM-MD5 PLAIN
... you're telling cyrus IMAP to only offer these 3 mechs.
sasl_mech_list: PLAIN LOGIN
--
Dan White
Loading...