multiple domains not working in cyrus

Jan Hofmann jan.hofmann at dexite.de
Mon Mar 10 11:55:53 CET 2014 

Hi all,

I added a second domain in the kolab-webadmin and afterwards I modified all configs like described in http://docs.kolab.org/howtos/multi-domain.html
Postfix is working fine, all mails for the second domain are delivered in the right mailboxes.

But I can’t login with a user from the second domain. Cyrus gives me the following errormessage (external mailclient and Roundcube):

Mar 10 11:44:17 mail ptloader[18251]: starting: ptloader.c,v git2.5+0 
Mar 10 11:44:17 mail imap[18231]: ptload(): bad response from ptloader server: identifier not found
Mar 10 11:44:17 mail imap[18231]: ptload completely failed: unable to canonify identifier: max.mustermann at example.de
Mar 10 11:44:17 mail imap[18231]: SASL bad userid authenticated
Mar 10 11:44:17 mail imap[18231]: badlogin: localhost [127.0.0.1] PLAIN [SASL(-13): authentication failure: bad userid authenticated]

in /etc/imapd.conf I added all the ldap_domain_* parts as described in the “Cyrus 2.5 section” from the above tutorial, here is my imapd.conf:

### imapd.conf - begin ###

configdirectory: /var/lib/imap
partition-default: /var/spool/imap
admins: cyrus-admin
sievedir: /var/lib/imap/sieve
sendmail: /usr/sbin/sendmail
sasl_pwcheck_method: auxprop saslauthd
sasl_mech_list: PLAIN LOGIN
allowplaintext: no
tls_cert_file: /etc/pki/tls/certs/example.de.crt
tls_key_file: /etc/pki/tls/private/example.de.key
tls_ca_file: /etc/pki/tls/certs/sub.class1.server.ca.pem
# uncomment this if you're operating in a DSCP environment (RFC-4594)
# qosmarking: af13
auth_mech: pts
pts_module: ldap
ldap_servers: ldap://localhost:389
ldap_sasl: 0
ldap_base: dc=example,dc=de
ldap_bind_dn: uid=kolab-service,ou=Special Users,dc=example,dc=de
ldap_password: vlTMR1QJZ9SCe99
ldap_filter: (|(&(|(uid=cyrus-admin)(uid=cyrus-murder))(uid=%U))(&(|(uid=%U)(mail=%U@%d)(mail=%U@%r))(objectclass=kolabinetorgperson)))
ldap_user_attribute: mail
ldap_group_base: dc=example,dc=de
ldap_group_filter: (&(cn=%u)(objectclass=ldapsubentry)(objectclass=nsroledefinition))
ldap_group_scope: one
ldap_member_base: ou=People,dc=example,dc=de
ldap_member_method: attribute
ldap_member_attribute: nsrole
ldap_restart: 1
ldap_timeout: 10
ldap_time_limit: 10
unixhierarchysep: 1
virtdomains: userid
annotation_definitions: /etc/imapd.annotations.conf
sieve_extensions: fileinto reject envelope body vacation imapflags notify include regex subaddress relational copy
allowallsubscribe: 0
allowusermoves: 1
altnamespace: 1
hashimapspool: 1
anysievefolder: 1
fulldirhash: 0
sieveusehomedir: 0
sieve_allowreferrals: 0
lmtp_downcase_rcpt: 1
lmtp_fuzzy_mailbox_match: 1
username_tolower: 1
deletedprefix: DELETED
delete_mode: delayed
expunge_mode: delayed
flushseenstate: 1
postuser: shared

#changes for multidomain
ldap_domain_base_dn: cn=kolab,cn=config
ldap_domain_filter: (&(objectclass=domainrelatedobject)(associateddomain=%s))
ldap_domain_name_attribute: associatedDomain
ldap_domain_scope: sub
ldap_domain_result_attribute: inetdomainbasedn

### imapd.conf - end ###

Any Ideas?

Best regards,
Jan



-------------- n?chster Teil --------------
Ein Dateianhang mit Bin?rdaten wurde abgetrennt...
Dateiname   : smime.p7s
Dateityp    : application/pkcs7-signature
Dateigr??e  : 4145 bytes
Beschreibung: nicht verf?gbar
URL         : <http://lists.kolab.org/pipermail/users/attachments/20140310/c020908e/attachment.p7s>

More information about the users mailing list