[Dovecot] check password on behalf of user

Nikolay Shopik shopik at inblock.ru
Tue Feb 9 20:17:02 EET 2010


On 09.02.2010 21:14, Timo Sirainen wrote:
> On Tue, 2010-02-09 at 21:12 +0300, Nikolay Shopik wrote:
>> On 09.02.2010 21:10, Timo Sirainen wrote:
>>> On Tue, 2010-02-09 at 20:47 +0300, Nikolay Shopik wrote:
>>>> I'm running KDC with all users and passwords, but have to manage clients
>>>> who doesn't support GSSAPI like mobile phones. Is it possible to dovecot
>>>> SASL check password in KDC when user sends plain text login? I know this
>>>> is possible to do with saslauthd from Cyrus but prefer to stick with
>>>> dovecot SASL.
>>>
>>> Not directly, but how about pam_krb5?
>>>
>>
>> But this won't work if I have virtual users, right?
>
> I guess it depends on if pam_krb5 tries to use NSS. If it doesn't, I
> don't see why it couldn't work.
>

Sounds promising, could you point me to any example or documentation how 
to accomplish this?


More information about the dovecot mailing list