'Re: [Ispman-users] The imap-ldap black hole'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ispman-users
Subject:    Re: [Ispman-users] The imap-ldap black hole
From:       "Tony Wasson" <wasson () azxws ! com>
Date:       2004-01-26 20:32:07
Message-ID: 1046.168.215.212.145.1075149127.squirrel () webmail ! azxws ! com
[Download RAW message or body]

>>>I've tried it so many ways and gotten the same result.  It's frustrating
>>>because every link in the chain seems to squelch out important details
>>>and introduce chances for error.  I will probably rebuild the test
>>>server from scratch, after spinning my wheels so long on this, just to
>>>see if I can't shake out bugs that way.  Thanks for your help.
>>>
>>>Jeff
>>>
>>Thanks for the info Jeff. I know it is frustrating getting this all
>>working. Your imapd.conf looks fine. How is saslauthd being launched?
>> Also
>>can you debug it with strace, or truss and look for any sorts of errors?
>>
>>Tony
>>
> Well don't I feel dumb.   I guess its just a fact of life that it will
> take a lot of research before working with all these pieces at once will
> be fluent to me.  The problem was a single line in the pam_ldap version
> of the ldap.conf file.  Here is the block from the sample included with
> pam_ldap:
>
> # Do not hash the password at all; presume
> # the directory server will do it, if
> # necessary. This is the default.
> #pam_password clear
>
> Setting pam_password md5 (in my case since i'm not using crypt) did the
> trick.  This raised two misconceptions that I had with the system.  One
> was that the ldap.conf file was generic (it is to an extent but I hadn't
> counted on pam_ldap critical settings to show up there), and two that
> openldap simply 'knew' what to do with a cleartext password (which didnt
> seem right, and in fact it does 'know' so long as crypt is used, being
> the default conversion for pam_ldap).  I think i've got about 10 pages
> now for the 'troubleshooting' section of the docs :-)
>
> Jeff Meden

Jeff,

Interesting! I did not realize the pam_password line in pam_ldap would
ause a problem. I was under the impression that that the password line was
only important when changing passwords. You never stop learning,
especially when trying to tie about 10 active open source projects
together with ISPMan.

I'd love to have some more help documenting ISPMan. Writing a short
"here's what worked for me" would be a great start, as would any
contributions to the handbook.

Tony Wasson



-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
_______________________________________________
Ispman-users mailing list
Ispman-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ispman-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic