[Dovecot] Authenticaton in Active Directory(again)

Jeff A. Earickson jaearick at colby.edu
Mon Apr 2 16:14:49 EEST 2007


Hi,

I run dovecot on Solaris 10, with authentication to Active Directory,
just fine.  I make my Solaris system a Kerberos client to AD, then
then use PAM to allow authentication of users to AD.  For information
on how to kerberize a Sun box (the same idea should work with Linux
and other versions of UNIX), see:

http://www.connectathon.org/seam1.0/BOOK.htm

Read "How to Configure a SEAM client using a Win 2K KDC".  This
information still works with AD 2003.

After getting your UNIX system to be a Kerberos client of AD, then
you will want to modify your /etc/pam.conf file to authenticate via
Kerberos.  For Sun, the lines in your pam.conf file look like:

other   auth requisite      pam_authtok_get.so.1 debug
other   auth required       pam_dhkeys.so.1 debug
other   auth required       pam_unix_cred.so.1 debug
other   auth sufficient     pam_krb5.so.1 debug
other   auth required       pam_unix_auth.so.1 debug

I can send you a complete pam.conf for Solaris 10 if needed.

I don't use LDAP based authentication because I've never figured it
out.  But it can probably be done.

Jeff Earickson
Colby College

On Mon, 2 Apr 2007, Claudio Roberto Prateat wrote:

> Date: Mon, 2 Apr 2007 09:38:51 -0300
> From: Claudio Roberto Prateat <prateat at semasa-itajai.com.br>
> To: dovecot at dovecot.org
> Subject: [Dovecot] Authenticaton in Active Directory(again)
> 
>
> Is possible authenticate in active directory 2003r2 with ldap (dovecot-ldap), but not using pam_ldap ?
> I have problem, faileds. I need example of the dovecot-ldap.conf for this authentication.
> Help, please.
>
> Best Regards !
>


More information about the dovecot mailing list