1 |
On 7/19/06, Michael Crute <mcrute@×××××.com> wrote: |
2 |
> On 7/19/06, Leandro Melo de Sales <leandroal@×××××.com> wrote: |
3 |
> > Hi! I'm trying to setup postfix with authentication. I have |
4 |
> > PAM/NSSwitch configured to use LDAP backend. I also installed |
5 |
> > cyrus-sasl, but when I test authentication I got some errors. What I'm |
6 |
> > doing wrong? Some relevant information: |
7 |
> > |
8 |
> > /etc/sasl2/smtpd.conf |
9 |
> > |
10 |
> > pwcheck_method:pam |
11 |
> > |
12 |
> > --------------------------------------- |
13 |
> > |
14 |
> > telnet port 25: |
15 |
> > |
16 |
> > embedded postfix # telnet localhost 25 |
17 |
> > Trying 127.0.0.1... |
18 |
> > Connected to localhost. |
19 |
> > Escape character is '^]'. |
20 |
> > 220 Servidor de E-Mail Embedded |
21 |
> > EHLO mydomain.com |
22 |
> > 250-embedded.mydomain.com |
23 |
> > 250-PIPELINING |
24 |
> > 250-SIZE 10240000 |
25 |
> > 250-VRFY |
26 |
> > 250-ETRN |
27 |
> > 250-STARTTLS |
28 |
> > 250 8BITMIME |
29 |
> > quit |
30 |
> > 221 Bye |
31 |
> > Connection closed by foreign host. |
32 |
> > |
33 |
> > -------------------------------------------- |
34 |
> > |
35 |
> > log: |
36 |
> > |
37 |
> > Jul 19 11:20:27 embedded postfix/smtpd[31410]: < |
38 |
> > unknown[192.168.1.100]: |
39 |
> > TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAFASgKAAAADw== |
40 |
> > Jul 19 11:20:27 embedded postfix/smtpd[31410]: |
41 |
> > smtpd_sasl_authenticate: decoded response: NTLMSSP |
42 |
> > Jul 19 11:20:27 embedded postfix/smtpd[31410]: NTLM server step 1 |
43 |
> > Jul 19 11:20:27 embedded postfix/smtpd[31410]: client flags: ffff8207 |
44 |
> > Jul 19 11:20:27 embedded postfix/smtpd[31410]: |
45 |
> > smtpd_sasl_authenticate: uncoded challenge: NTLMSSP |
46 |
> > Jul 19 11:20:27 embedded postfix/smtpd[31410]: > |
47 |
> > unknown[192.168.1.100]: 334 |
48 |
> > TlRMTVNTUAACAAAAOgA6ADAAAAAFggIAxSfRzXMryGYAAAAAAAAAAAAAAAAAAAAARQBNAEIARQBEAEQARQBEAC4ARQBNAEIARQBEAEQARQBEAC4AVQBGAEMARwAuAEUARABVAC4AQgBSAA== |
49 |
> > Jul 19 11:20:27 embedded postfix/smtpd[31410]: < |
50 |
> > unknown[192.168.1.100]: |
51 |
> > TlRMTVNTUAADAAAAGAAYAI4AAAAYABgApgAAACgAKABIAAAADgAOAHAAAAAQABAAfgAAAAAAAAC+AAAABYIAAgUBKAoAAAAPZQBtAGIAZQBkAGQAZQBkAC4AdQBmAGMAZwAuAGUAZAB1AC4AYgByAGwAZQBhAG4AZAByAG8AQwBPAE0AUABPAFIAMAA2AFhBruTJ7QP1D2kjfvHaMU0IHH0O2a0i6qfimYU8bx0zsRE2W3N/+wpohdPaH5f26Q== |
52 |
> > Jul 19 11:20:27 embedded postfix/smtpd[31410]: |
53 |
> > smtpd_sasl_authenticate: decoded response: NTLMSSP |
54 |
> > Jul 19 11:20:27 embedded postfix/smtpd[31410]: NTLM server step 2 |
55 |
> > Jul 19 11:20:27 embedded postfix/smtpd[31410]: client user: leandro |
56 |
> > Jul 19 11:20:27 embedded postfix/smtpd[31410]: client domain: |
57 |
> > embedded.ufcg.edu.br |
58 |
> > Jul 19 11:20:27 embedded postfix/smtpd[31410]: warning: SASL |
59 |
> > authentication failure: no secret in database |
60 |
> > Jul 19 11:20:27 embedded postfix/smtpd[31410]: warning: |
61 |
> > unknown[192.168.1.100]: SASL NTLM authentication failed |
62 |
> > Jul 19 11:20:27 embedded postfix/smtpd[31410]: > |
63 |
> > unknown[192.168.1.100]: 535 Error: authentication failed |
64 |
> > Jul 19 11:20:27 embedded postfix/smtpd[31410]: < |
65 |
> > unknown[192.168.1.100]: AUTH NTLM |
66 |
> > Jul 19 11:20:27 embedded postfix/smtpd[31410]: |
67 |
> > smtpd_sasl_authenticate: sasl_method NTLM |
68 |
> > Jul 19 11:20:27 embedded postfix/smtpd[31410]: |
69 |
> > smtpd_sasl_authenticate: uncoded challenge: |
70 |
> > Jul 19 11:20:27 embedded postfix/smtpd[31410]: > unknown[192.168.1.100]: 334 |
71 |
> > |
72 |
> > main.cf: |
73 |
> > |
74 |
> > smtpd_sasl_auth_enable = yes |
75 |
> > smtpd_sasl_security_options = noanonymous |
76 |
> > smtpd_sasl_local_domain = $myhostname |
77 |
> > broken_sasl_auth_clients = yes |
78 |
> > smtpd_recipient_restrictions = permit_sasl_authenticated, |
79 |
> > permit_mynetworks, check_relay_domains |
80 |
|
81 |
(Sorry for the top-post... wasn't paying attention) |
82 |
|
83 |
Check your auth.log in /var/log... does it tell you anything? You may |
84 |
(probably) will have to add a debug flag in your /etc/pam.d/<whatever> |
85 |
file to really get any useful information out of it. |
86 |
|
87 |
-Mike |
88 |
|
89 |
-- |
90 |
________________________________ |
91 |
Michael E. Crute |
92 |
http://mike.crute.org |
93 |
|
94 |
I may not have gone where I intended to go, but I think I have ended |
95 |
up where I intended to be. --Douglas Adams |
96 |
-- |
97 |
gentoo-server@g.o mailing list |