On 10/19/2010 07:56 AM, Trever L. Adams wrote:
On 10/19/2010 06:16 AM, Trever L. Adams wrote:
Samba4 doesn't automatically set the userPrincipalName to imap/f.q.d.n@REALM or smtp/f.q.d.n@REALM when setting up an SPN. This was the problem. For some reason it works fine for imap but not smtp.
I have reported this as a possible bug to Samba4. I am documenting it here in case someone else has problems.
Trever
Ok, so it is documented for others. It appears that it is a "bug" in Thunderbird due to the windows PAC in the kerberos ticket. Assuming you have followed instructions elsewhere and userPrincipalName is set properly in the AD, make sure you have the right line_length_limit for postfix.
If you are using dovecot sasl with postfix and are using Thunderbird in Windows (part of an AD domain) and using smtp kerberos authentication, make sure you have line_length_limit = 2176 in postfix's main.cf.
Thanks to Wietse for his help.
Trever
"It is difficult to legislate morality in the absence of moral legislators." -- Unknown