kXsBJhsLFGAL7H+MGy9w==
Hi all,
this was my my first summary and now i found my mistake:
>
> i have to test Suns POP-Server on a new system running Solaris 7 with NIS.
> I have installed SIMS 2.0 and also the license.
>
> When i test via telnet i see this:
>
> ~ (testuser@werner) 11 >telnet akira pop3
> Trying 130.75.57.34...
> Connected to akira.
> Escape character is '^]'.
> +OK akira Solstice (tm) Internet Mail Server (tm) POP3 2.0 p11 at Mon, 14 Aug
2000 17:17:00 +0200 (MET DST)
> user testuser
> +OK User name accepted, password please
> pass nnnnnnnnnn
> -ERR Bad login
>
> In /var/log/syslog i see only this:
>
> Aug 14 17:17:13 akira ipop3d[21130]: Login failure user=testuser host=werner
>
>
> Of course, not very much information. On a Qualcomm-Server on the
> old host this way of testing works. I found only a small
> manpage and no other docs. The testuser exist and i know the
> right password ...
>
> So, any hints where i have to look? Are there any important systemfiles?
> Any more docs available (i checked the CDs, docs.sun.com)? How to
> debug the pop-server?
>
The pop3-daemon works. I have a NIS problem. In my old system the mailserver
is running on a normal host embedded in my NIS structure. So the pop3-daemon
has access to the NIS database and can check the user accounts.
For my new system i put the pop3-daemon (and the new mailserver) on a
fileserver. On this fileserver i deny user access in this way:
/etc/passwd:
root:x:0:1:Super-User:/:/sbin/sh
[...]
noaccess:x:60002:60002:No Access User:/:
nobody4:x:65534:65534:SunOS 4.x Nobody:/:
ppp:x:10:5:Solstice PPP 3.0 pppls:/:/usr/sbin/pppls
+:x:::::
/etc/nsswitch.conf:
[...]
passwd: compat
[...]
This is a good way to prevent user access to this fileserver, but when
you are login as root you can see user und group names und you can su
to a user account.
pop3-daemons don't like this.
When i change nsswitch.conf to "passwd: files nis" everything is
working, but also user access ...
So i have to think about a new way of user authentication for pop3.
Are there any patches available to have access to a passwd-file
other than /etc/passwd???
Detlev
Thanx to:
Bruce Hamilton <bhami@pobox.com>
Jay Lessert <jayl@latticesemi.com>
Hans Schaechl <schaechl@bigfoot.com>
-- Detlev | Institut fuer Mikroelektronische Systeme, Uni Hannover Habicht | D-30167 Hannover +49 511 76219662 habicht@ims.uni-hannover.de --------+-------- Handy +49 172 5415752 ---------------------------S U BEFORE POSTING please READ the FAQ located at N ftp://ftp.cs.toronto.edu/pub/jdd/sun-managers/faq . and the list POLICY statement located at M ftp://ftp.cs.toronto.edu/pub/jdd/sun-managers/policy A To submit questions/summaries to this list send your email message to: N sun-managers@ececs.uc.edu A To unsubscribe from this list please send an email message to: G majordomo@sunmanagers.ececs.uc.edu E and in the BODY type: R unsubscribe sun-managers S Or . unsubscribe sun-managers original@subscription.address L To view an archive of this list please visit: I http://www.latech.edu/sunman.html S T
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:14:14 CDT