El Miércoles, 4 de Abril de 2012 13:21:33 Timo Sirainen escribió:
On 4.4.2012, at 14.18, Miguel Tormo wrote:
I have a running setup with a dovecot imap4/pop3 proxy to a few dovecot backend servers which actually store the mailboxes. This is running smoothly and allows me to transparently distribute mailboxes. I'm using some "extrafield" configured in the LDAP passdb.
However, now I would like to use GSSAPI (preferred) and NTLM for single sign-on. Both are pretty straightforward to configure in a single instance environment, but I don't know if they would work with proxy. For example, with GSSAPI there are two cases:
- Just use gssapi mechanism, without PAM. Then, it a user presents a ticket the passdb ldap is not used, so the extrafields are never read.
The patch in http://dovecot.org/list/dovecot/2012-March/064331.html makes this work I think. I still haven't managed to look into it much though.
It definitely is worth a look. I wonder if it would make ldap extrafields lookups work with gssapi auth, I will try it and post the results. Thank you!