31 Aug
2009
31 Aug
'09
9:23 p.m.
On Sun, 2009-08-30 at 14:29 -0600, Jason Gunthorpe wrote:
The kerberos setup is pretty easy.. 'net ads join' your server, go into the adsi editor and provide a imap and smtp SPN for the host, use 'net ads keytab' to put the imap and smtp SPNs in the system keytab, and then you are good to go. I test it with mutt first as the error messages are somewhat better.
Ouch, can you go a little more slowly, please? I think I've joined the domain OK:
ccimap:~# net ads testjoin Join is OK ccimap:~# net ads info LDAP server: 10.6.1.245 LDAP server name: orwell.ad.laterooms.com [...]
But I have no idea how / where you add a service principal with ADSIEdit
- can you point me in the right direction? Kerberos is still mainly a mystery to me (and I'm sure many others!)
gdh