On Mon, May 24, 2010 at 09:18:44PM +0200, Julien Vehent wrote:
> === case 2: authentification succeeds ===================================
>
> Same authz-regex in slapd, same smtpclient command, I just removed the
> smtpd_sasl_local_domain value:
>
> ----
> # postconf |grep "smtpd_sasl"
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_authenticated_header = yes
> smtpd_sasl_exceptions_networks =
> smtpd_sasl_local_domain =
> smtpd_sasl_path = smtpd
> smtpd_sasl_security_options = noanonymous
> smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
> smtpd_sasl_type = cyrus
> ----
>
> Authentication works:
>
This is the correct configuration for you. Your SASL<->LDAP integration
requires "realm-less" security principals.
Now change any passwords used during testing, and especially those where
the SASL raw debug data was posted to this list. After that, you're all
set.
--
Viktor.
P.S. Morgan Stanley is looking for a New York City based, Senior Unix
system/email administrator to architect and sustain our perimeter email
environment. If you are interested, please drop me a note.
