[Dovecot] An alternate "dovecot-auth" daemon using cyrus-sasl
Dmitry Butskoy
buc at odusz.so-cdu.ru
Tue Sep 6 14:32:53 EEST 2005
Andrey Panin wrote:
>> may be dovecot`s ntlm can take
>>appropriate password hashes from openldap directly?
>>(sambaLMPassword/sambaNTPassword)
>>
>>
>
>Yes, dovecot can handle LM/NTLM password hashes and it can fetch them
>from OpenLDAP directly (look at doc/dovecot-ldap.conf)
>
>In general you can store passwords in any supported form, just add proper
>password scheme prefix. For example: {NTLM}69943C5E63B4D2C104DBBCC15138B72B
>For more information read here: http://wiki.dovecot.org/Authentication
>
>
OK, it looks like it satisfies our case.
But in general, there can be other Domain controllers -- AD, NT
native, or even Samba without ldap backend. For such cases, IMHO, my
patch may help a bit.
I have not found anywhere a pop3/imap server with fine ntlm support.
Fortunately, the dovecot allows to write another authentication daemon
(without changing of main code), and I try to do it.
All "lacks" of cyrus-sasl will be concentrated in this external
daemon, therefore I think that I shall spoil nothing in dovecot itself.
Dmitry Butskoy <Dmitry at Butskoy.name>
Saint-Petersburg, Russia
Red Hat Certified Engineer 809003662809495
More information about the dovecot
mailing list