[Dovecot] Troube with GSSAPI auth
Willie Gillespie
wgillespie+dovecot at es2eng.com
Tue Nov 23 16:06:07 EET 2010
asd dsa wrote:
>> Maybe you need to set auth_gssapi_hostname?
>
> I added auth_gssapi_hostname = servertd.td.pmz.com.ua (its the KDC) to dovecot.conf and generated again service principals:
>
> slot KVNO Principal
> ---- ---- ---------------------------------------------------------------------
> 1 14 imap/melchior.td.pmz.com.ua at TD.PMZ.COM.UA
> 2 13 host/melchior.td.pmz.com.ua at TD.PMZ.COM.UA
> 3 1 imap/melchior.td.pmz.com.ua at TD.PMZ.COM.UA
> 4 1 host/melchior.td.pmz.com.ua at TD.PMZ.COM.UA
>
> Then i got:
>
> auth: Debug: gssapi(?,192.168.1.50): Obtaining credentials for imap at servertd.td.pmz.com.ua
> auth: Info: gssapi(?,192.168.1.50): While acquiring service credentials: Unspecified GSS failure. Minor code may provide more$
> auth: Info: gssapi(?,192.168.1.50): While acquiring service credentials: No principal in keytab matches desired name
>
> Something wrong with service principals, but what?
Maybe auth_gssapi_hostname should = melchior.td.pmz.com.ua since that's
what is in your keytab.
More information about the dovecot
mailing list