[Dovecot] dovecot + postfix + active directory

Askar askar at askarali.info
Mon Apr 11 21:08:37 EEST 2005


Paolo Basenghi wrote:

> Active Directory uses kerberos protocol for authentication, so you 
> need pam_krb5 module to authenticate.
> I don't know if it is possible to authenticate in A.D. without Kerberos.
>
> In the configuration I proposed to you, A.D. is required only for 
> authentication, the accounting information (uid, gid) is static (vmail 
> Linux user), the home dir. is determined by template (example: 
> /home/vmail/mailboxes/<A.D. username>).
> In other words, my config. works well if you can utilize virtual 
> mailboxes *AND* each mailbox dir. name equals to A.D. username.
>
> I heard that exists a Microsoft extension to A.D. LDAP schema to add 
> Unix accounting info, but I never used it.
>
> So I don't know if you *must* use pam+kerberos, but I suggest that you 
> *should* try it, leaving out dovecot-ldap.conf.
>
> Cheers
>
hi Paolo,

thanks for you reply, heh i'm trying with krb5 + pam from last 4 hours 
without any access when i treid to connect through mail client 
thunderbird i got this error....

 dovecot-auth: PAM: pam_authenticate(abc) failed: unknown user 
            user (abc) do exist in AD :(

even when i tried to confirm kinit abc at abc.com (my domain)

i got ........
kinit: krb5_get_init_creds: unable to reach any KDC in realm 
mail.xxxxxxxxxxx


Thanks and regards

Askar
       


More information about the dovecot mailing list