[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[imapsync] Using admin auth login
Gilles LAMIRAL <gilles dot lamiral at laposte dot net>
[imapsync] Using admin auth login
Sun, 01 Apr 2012 23:51:26 +0200
> I try to use admin auth on linux and exchange, both don't work.
> How to configure this???
Linux is so vague I can't help you without knowing the IMAP server software name.
For Exchange it depends. Here are the FAQ items about admin login:
Q. How to migrate from or to Exchange 2003 with an admin/authuser
R. Thomas Edgar wrote the following
In case you can glean something from this snippet which allowed us
to migrate from Exchange 2003 t0 Cyrus Imap 2.4 (you would reverse
the flow to go the other way):
imapsync --dry --host1 ExchangeServer.mycompany.com \
--user1 Some dot User at mycompany dot com --authuser1 ExchangeAdminAccount \
--proxyauth1 --password1 PWCHANGED \
--host2 cyrusimapbackend.mycompany.com \
--user2 SameOrDiffererentUser at mycompany dot com \
--authuser2 CyrusAdminAccount --proxyauth2
We also needed to:
- Ensure the Exchange Admin Acct had IMAP4 enabled in it's
profile (it initially didn't!)
- Ensure the Some.User Exchange Acct had IMAP4 enabled
in it's profile (it initially didn't!)
- Add the CyrusAdminAccount to admins line in /etc/imapd.conf
- Give CyrusAdminAccount lrswipkxtecda to the Cyrus Imap account
being migrated to (- or in your case, from)
In case you are not aware:
- It will prompt for a password if you don't supply it
- the domain part of the fully-qualified email could be
omitted in our case
- Use --debugimap when testing initial connectivity, if necessary
Q. How to migrate from or to Exchange 2007/2010 with an
R. The tricks comes from Michele Marcionelli and Benjamin Priestman:
This doesn't work:
imapsync ... --user2 user2 --authuser2 admin2 --password2 PWCHANGED ...
This might works:
imapsync ... --user2 'domain\admin2\user2' --password2 PWCHANGED ...
imapsync ... --user2 'admin2 at domain\user2' --password2 PWCHANGED ...
where "domain" is set be the user's UPN in Active Directory
or the NETBIOS or DNS name of the domain.
The exact format might vary depending on local configuration and you
should experiment with the different formats.
Q. How to migrate from uw-imap with an admin/authuser account?
--user1="user*admin_user" --password1 PWCHANGED
Q. How to migrate from cyrus with an admin account?
--authuser1 admin_user ----password1 PWCHANGED \
--user1 foo_user --ssl1
In this case, --authmech1 PLAIN will be used by default since it
is the only way to go for now. So don't use --authmech1 SOMETHING
with --authuser1 admin_user, it will not work.
Same behavior with the --authuser2 option.
Do not forget the option --ssl1 since PLAIN auth is only
supported with ssl encryption most of the time. But it can
work without --ssl1 if PLAIN is permitted in normal use.
Here is an example:
--host1 server1 \
--user1 joe \
--authuser1 AdminAccount \
--password1 PWCHANGED \
--host2 server2 \
--user2 joe \
--password2 PWCHANGED \
Q: How to migrate from Sun Java Enterprise System / Sun One / iPlanet /
Netscape servers with an admin account?
R: Those imap servers don't allow the typical use of --authuser1 to use an
administrative account. They expect the use of an IMAP command called
proxyauth that is issued after login in as an administrative account.
For example, consider the administrative account 'administrator' and your
real user 'real_user'. The IMAP sequence would be:
OK [CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS
CHILDREN BINARY UNSELECT LANGUAGE STARTTLS XSENDER X-NETSCAPE XSERVERINFO
AUTH=PLAIN] imap.server IMAP4 service (Sun Java(tm) System Messaging
1 LOGIN administrator password
1 OK User logged in
2 PROXYAUTH real_user
2 OK Completed
In imapsync, you can achieve this by using the following options:
--host1 source.imap.server \
--user1 real_user \
--authuser1 administrator \
Au revoir, 09 51 84 42 42
Gilles Lamiral. France, Baulon (35580) 06 20 79 76 06