Skip to main content

saslpasswd2

This is the utility for creating, changing, and deleting users and passwords from the local sasl database (usually /etc/sasldb2).

You can run it either as root or the cyrus admin user (in our case, cyrus ). Check the ownership of the sasl database if you are unsure.

Invocation is insultingly easy:

$ /usr/local/sbin/saslpasswd2 -c user

For some reason, the auth.log records whining about being unable to change the database.

More exciting options:

# saslpasswd2

This product includes software developed by Computing Services
at Carnegie Mellon University (![>>](/web/20231001162746im_/https://wiki.xdroop.com/theme/images/Icon-Extlink.png)[http://www.cmu.edu/computing/](https://web.archive.org/web/20231001162746/http://www.cmu.edu/computing/)).

saslpasswd2: usage: saslpasswd2 [-v] [-c [-p] [-n]] [-d] [-a appname] [-f sasldb] [-u DOM] userid
        -p      pipe mode -- no prompt, password read on stdin
        -c      create -- ask mechs to create the account
        -d      disable -- ask mechs to disable/delete the account
        -n      no userPassword -- don't set plaintext userPassword property
                                   (only set mechanism-specific secrets)
        -f sasldb       use given file as sasldb
        -a appname      use appname as application name
        -u DOM  use DOM for user domain
        -v      print version numbers and exit

So if you are creating a domain-specific user, you'd do something like:

saslpasswd2 -c steve -u domain.com