On 02/02/2011 04:17 PM, Timo Sirainen wrote:
It does set that, but only on first GSSAPI authentication. I guess it wouldn't hurt moving it to do it always. If that script helps you, I can do this change.
It appears that the script you recommended doesn't do the trick. Does /usr/libexec/dovecot/auth clear the environment. Even doing it manually from the command line the openldap stuff doesn't seem to pick up the KRB5_KTNAME environment variable.
I can kinit on the command line and get auth to work, but the kinit doesn't hold over to the dovecot process (for good reasons I am sure).
Some how this needs to be fixed so that GSSAPI through SASL will work. I am not sure where to go from here as I am learning LDAP as I mess with this stuff. Is there anyone on the list who has any ideas? (I would prefer this be service principals as well, if possible.)
Thank you, Trever Adams
"All this technology has somehow made you a stranger in your own land." -- Robert M. Pirsig