[Dovecot] can't deliver with Kerberos username

Nikolay Shopik shopik at inblock.ru
Sun Aug 16 09:57:06 EEST 2009 

On 16.08.2009 4:29, Timo Sirainen wrote:
> On Fri, 2009-08-14 at 22:06 +0400, Nikolay Shopik wrote:
>> I've been trying to use Kerberos and PLAIN text file for authentication.
>> I've setup deliver in postfix master.cf and make sure correct username
>> are expanded but deliver is always told me "user unknown".
>> I can logon into mailbox using Kerberos w/o problems and can send
>> emails. Looks like Dovecot lookup up passwd files and not finding users
>> which are in Kerberos realm.
>>
>>     passdb:
>>       driver: passwd-file
>>       args: /etc/dovecot/passwd
>
> What do the usernames look like in this file? Set auth_debug=yes, what
> does deliver log then?
Usernames are with domain - shopik at inblock.ru{PLAIN}password in file

15:34:31 Info: auth(default): client in: AUTH   1       GSSAPI 
service=IMAP    lip=10.0.1.4    rip=1.1.107.157
15:34:31 Info: auth(default): gssapi(?,81.195.107.157): Obtaining 
credentials for imap at pluto
15:34:31 Info: auth(default): client out: CONT  1
15:34:31 Info: auth(default): client in: CONT<hidden>
15:34:31 Info: auth(default): gssapi(?,1.1.107.157): security context 
state completed.
15:34:31 Info: auth(default): client out: CONT  1 
YIGCBgkqhkiG9xIBAgICAG9zMHGgAwIBBaEDAgEPomUwY6ADAgEXolwEWopE+RgkXAoy3StiEWS/b8J7060TbA+lNUzuY6tRtf3/cCPPbsnmaBbU8k2dlQ6MtNqL8XikW3tt25AK58x6yYKs6SH3ldkTlIBW36tJMplbdWgQqTSpY3ra6Q==
15:34:31 Info: auth(default): client in: CONT<hidden>
15:34:31 Info: auth(default): gssapi(?,1.1.107.157): Negotiated security 
layer
15:34:31 Info: auth(default): client out: CONT  1 
YDAGCSqGSIb3EgECAgIBEQD/////LPILd/RXG1o5TsKWu3XbHKx0vgAAAAAAAf///wE=
15:34:31 Info: auth(default): client in: CONT<hidden>
15:34:31 Info: auth(default): client out: OK    1       user=nshopik
15:34:31 Info: auth(default): master in: REQUEST        4       25904   1
15:34:31 Info: auth(default): master out: USER  4       nshopik uid=1001 
        gid=1001        home=/var/mail/store/nshopik
15:34:31 Info: imap-login: Login: user=<nshopik>, method=GSSAPI, 
rip=1.1.107.157, lip=10.0.1.4
15:34:31 Info: auth(default): new auth connection: pid=25910

More information about the dovecot mailing list