asd dsa wrote:
Maybe you need to set auth_gssapi_hostname?
I added auth_gssapi_hostname = servertd.td.pmz.com.ua (its the KDC) to dovecot.conf and generated again service principals:
slot KVNO Principal
1 14 imap/melchior.td.pmz.com.ua@TD.PMZ.COM.UA 2 13 host/melchior.td.pmz.com.ua@TD.PMZ.COM.UA 3 1 imap/melchior.td.pmz.com.ua@TD.PMZ.COM.UA 4 1 host/melchior.td.pmz.com.ua@TD.PMZ.COM.UA
Then i got:
auth: Debug: gssapi(?,192.168.1.50): Obtaining credentials for imap@servertd.td.pmz.com.ua auth: Info: gssapi(?,192.168.1.50): While acquiring service credentials: Unspecified GSS failure. Minor code may provide more$ auth: Info: gssapi(?,192.168.1.50): While acquiring service credentials: No principal in keytab matches desired name
Something wrong with service principals, but what?
Maybe auth_gssapi_hostname should = melchior.td.pmz.com.ua since that's what is in your keytab.