Date: Thu, 19 May 2005 07:05:04 -0700 From: "greg@grokking.org" <greg@grokking.org> To: freebsd-questions@freebsd.org Subject: Re: Cyrus IMAP from Ports in 5.X? Message-ID: <428C9D10.7020508@grokking.org> In-Reply-To: <20050518203827.G10202@zoraida.natserv.net> References: <20050517220403.T96779@zoraida.natserv.net> <428AAAA8.6060805@grokking.org> <20050517230643.O97506@zoraida.natserv.net> <428B48F4.1060308@grokking.org> <20050518203827.G10202@zoraida.natserv.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Francisco Reyes wrote: > On Wed, 18 May 2005, greg@grokking.org wrote: > >> Yes, I have...on several hosts. Can you confirm that the setup does not >> in fact work? > > > Found the problem line. > virtdomains: yes > I do want to have virtual domains, but adding that line changes how I > need to connect to cyradm "--user cyrus@ I also am having problems creating users > cm user.fran@<domain) > or > cm user.fran > > Both give > createmailbox: Permission denied > >> I ask this because I suspect the errors noted above may be >> no cause for concern as they might be referring to authentication >> method(s) you may not actually want/need. > > > That seems to have beent he case. Francisco, I'm not absolutely certain of this but I thought virtual domain support on cyrus was rough until 2.2x. I've got at least one box that hosts multiple domains but it's running 2.2x not 2.1x. Anyway, it looks like you're trying to use cyradm with a non-admin account. You must use the __sasl2 account__ that you specify in your imapd.conf under "admin". Standard recommendations are to create a separate account within the cyrus-sasl2 framework specifically for this purpose with no mailbox nor OS-level access (so forget "root" and the "cyrus" account). Then you type this for access on the same machine: cyradm -u <admin user> localhost If it works correctly you should get a shell prompt with the hostname, something like this: localhost.[yourdomain]> If it doesn't work and the connect to the cyradm shell fails for whatever reason, you'll see this instead: cyradm> Remember that when you add the accounts to sasl2 via the saslpasswd2 script you have the option of making the account "native" or "vhosted" simply based on whether you add an "@domain" suffix to the user id when you create it. Note that I'm referring to sasl2 accounts at this point. For example, saslpasswd2 -c userid This will create a "native" user account that is internally represented in sasldb2 as userid@servername. These accounts will be just "user.userid". When logging on, these users can just use their userid bare. But vhosted users are created thus: saslpasswd2 -c userid@domain This will create a "vhosted" user account that is internally represented as userid@domain. These mailboxes will be accessed with "user.userid@domain" within cyradm. When logging on, the user must use the FULL userid@domain syntax. I hope that this explanation helps and I'm managing to express myself clearly here (haven't had my morning coffee yet, so who knows? :) ) If you have the chance (and haven't already) check out the Cyrus-Twiki site which has some useful information on cyrus administration that isn't found on the main site: http://acs-wiki.andrew.cmu.edu/twiki/bin/view/Cyrus/ G
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?428C9D10.7020508>