[Dovecot] Settings: Dovecot + NTLM + Single Sign On + Windows + Outlook or Thunderbird.
I am following the steps listed in: http://wiki.dovecot.org/HowTo/ActiveDirectoryNtlm
My goal is to have single sign-on for Microsoft Outlook applications.
I am working on it and I have some doubts since I have never set up an IMAP server, hope I can help :).
The version that I have installed is dovecot 2.0.9.
"dovecot -n" shows the following:
# 2.0.9: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-71.el6.x86_64 x86_64 CentOS release 6.4 (Final)
auth_use_winbind = yes
mbox_write_locks = fcntl
passdb {
  driver = pam
}
protocols = imap pop3
ssl = no
userdb {
  args = uid=10000 gid=10000 home=/mail/%d/%n
  driver = static
}
I show what I have in /etc/samba/smb.conf
[global]
workgroup = EJEMPLO
realm = EJEMPLO.COM.UY
server string = %h (Samba %v)
security = ADS
password server = ad.domain.dom
username map = /etc/samba/mapeousuarios
map untrusted to domain = Yes
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
name resolve order = wins host bcast
local master = No
domain master = No
dns proxy = No
wins server = here active directory ip
panic action = /usr/share/samba/panic-action %d
winbind separator = +
winbind use default domain = Yes
winbind rpc only = Yes
idmap config * : range = 1200-3000
idmap config * : backend = tdb

[usuarios3]
path = /exports/archivos-usuarios
read only = No
map acl inherit = Yes
store dos attributes = Yes
"wbinfo -g" and "wbinfo -u" work well.
"kinit Administrator" works well also.
Dovecot does not recognize some steps of the configuration in dovecot.conf:
1) "protocols = imap imaps pop3 pop3s".
2) "mechanisms = plain ntlm login".
3) "allow_all_users=yes" and "mail=maildir:/home/vmail/%d/%1Ln/%Ln:INBOX=/home/vmail/%d/%1Ln/%Ln".
I'm not sure what I should put in their place.
I also have some doubts:
1) Do I have to create a keytab file containing the principal for imap and pop? How would I indicate it to Dovecot?
2) What values should I indicate for the uid and the gid?
3) Do I have to set something in PAM?
If I do "telnet localhost imap" it shows the following:
OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready
NTLM does not appear in the options.
I hope I can shed some light on the subject :) Thanks and greetings.
-- Maria José
The wiki link you refer to is for dovecot v1.
You are using v2.
Use the correct wiki link...
http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm
Also, you are using an old version of v2 - use the latest 2.1 (2.1.16), or better yet, the latest 2.2 (2.2.2)...
Charles
On 2013-05-30 11:34 AM, Maria Jose Yañez Dacosta <mariajose1982@gmail.com> wrote:
I am following the steps listed in: http://wiki.dovecot.org/HowTo/ActiveDirectoryNtlm
My goal is to have single sign-on for Microsoft Outlook applications.
I working and I have some doubts since I never set up an imap server, hope I can help :).
The version that I have installed is devecot 2.0.9.
"dovecot -n" shows the following:
# 2.0.9: /etc/dovecot/dovecot.conf
--
Best regards,
Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6224 | 678.514.6299 fax
Sorry! I will try to install the latest version and let you know. Thanks!
2013/5/30 Charles Marcus <CMarcus@media-brokers.com>
The wiki link you refer to is for dovecot v1.
You are using v2.
Use the correct wiki link...
Also, you are using an old version of v2 - use the latest 2.1 (2.1.16), or better yet, the latest 2.2 (2.2.2)...
Charles
-- Maria José
Hi!,
I changed the version; now I have installed version 2.1.16.
If I do "doveconf -n" it shows:
# 2.1.16: /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-358.6.2.el6.x86_64 x86_64 CentOS release 6.4 (Final)
auth_use_winbind = yes
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  driver = pam
}
protocols = imap pop3
ssl = no
userdb {
  args = uid=10000 gid=10000 home=/mail/%d/%n allow_all_users=yes
  driver = static
}
The things I do not recognize are:
mechanisms = plain ntlm login
Looking at the log (in /var/log/maillog) when I do telnet localhost imap:
May 31 15:45:55 prueba-mail dovecot: master: Dovecot v2.1.16 starting up (core dumps disabled)
May 31 15:46:04 prueba-mail dovecot: auth: Fatal: Support not compiled in for passdb driver 'pam'
May 31 15:46:04 prueba-mail dovecot: master: Error: service(auth): command startup failed, throttling for 2 secs
May 31 15:46:04 prueba-mail dovecot: imap-login: Disconnected: Auth process broken (disconnected before greeting, waited 0 secs): user=<>, rip=::1, lip=::1, secured, session=<jabyBgjevAAAAAAAAAAAAAAAAAAAAAAB>
What can be causing this error? What should go in place of those lines that are not recognized?
I'm using the how to: http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm
Thanks!!
2013/5/30 Maria Jose Yañez Dacosta <mariajose1982@gmail.com>
Sorry! I will try to install the latest version and let you know. Thanks!
-- Maria José
Fix your line wrapping. The below is way too difficult to read for most people to waste time trying to decipher.
On 2013-05-31 3:02 PM, Maria Jose Yañez Dacosta <mariajose1982@gmail.com> wrote:
If I do "doveconf -n" it show
# 2.1.16: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-358.6.2.el6.x86_64 x86_64 CentOS release 6.4 (Final) auth_use_winbind = yes namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } protocols = imap pop3 ssl = no userdb { args = uid=10000 gid=10000 home=/mail/%d/%n allow_all_users=yes driver = static } The things I do not recognize are:
mechanisms = plain ntlm login
--
Best regards,
Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6224 | 678.514.6299 fax
Sorry for the bad drafting, writing is the clearest :).
I want to install dovecot on a linux server (centos 6) so that users accessing from windows do not have to enter the password (single sign on).
I am following this explanation http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm
There are settings steps that fail in version 2.1.16.
mechanisms = plain ntlm login
userdb static {
  args = uid=501 gid=501 home=/home/vmail/%1Ln/%Ln mail=maildir:/home/vmail/%d/%1Ln/%Ln:INBOX=/home/vmail/%d/%1Ln/%Ln allow_all_users=yes
}
It does not recognize them.
Honestly, I have no experience configuring dovecot and would need some help. Surely I am forgetting some things and not doing others correctly. Another question I have is whether I have to set something in particular in PAM.
I show what I have now (doveconf -n):
# 2.1.16: /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-358.6.2.el6.x86_64 x86_64 CentOS release 6.4 (Final)
auth_use_winbind = yes
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  driver = pam
}
protocols = imap pop3
ssl = no
userdb {
  args = uid=10000 gid=10000 home=/mail/%d/%n allow_all_users=yes
  driver = static
}
As I said, I am working on it, and if I look at the log (in /var/log/maillog) when I do telnet localhost imap, it shows me this:
May 31 15:45:55 prueba-mail dovecot: master: Dovecot v2.1.16 starting up (core dumps disabled)
May 31 15:46:04 prueba-mail dovecot: auth: Fatal: Support not compiled in for passdb driver 'pam'
May 31 15:46:04 prueba-mail dovecot: master: Error: service(auth): command startup failed, throttling for 2 secs
May 31 15:46:04 prueba-mail dovecot: imap-login: Disconnected: Auth process broken (disconnected before greeting, waited 0 secs): user=<>, rip=::1, lip=::1, secured, session=<jabyBgjevAAAAAAAAAAAAAAAAAAAAAAB>
Thank you very much for any help!
2013/6/1 Charles Marcus <CMarcus@media-brokers.com>
Fix your line wrapping. The below is way too difficult to read for most people to waste time trying to decipher.
-- Maria José
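A triage helper for the three symptoms reported in this thread (NTLM missing from the IMAP greeting, the fatal passdb driver error in the mail log, and v1-style settings that v2 rejects). It is an added example, not code from either poster or from the Dovecot project. The sample inputs are constructed from the output quoted above, and the suggested replacements assume Dovecot v2 syntax, where the mechanism list is the global `auth_mechanisms` setting and `imaps`/`pop3s` are no longer listed in `protocols`.

```python
import re

# Constructed samples, modelled on the output quoted in the thread.
GREETING = ("* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS "
            "ID ENABLE IDLE AUTH=PLAIN] Dovecot ready.")
MAILLOG = """\
May 31 15:45:55 prueba-mail dovecot: master: Dovecot v2.1.16 starting up (core dumps disabled)
May 31 15:46:04 prueba-mail dovecot: auth: Fatal: Support not compiled in for passdb driver 'pam'
May 31 15:46:04 prueba-mail dovecot: master: Error: service(auth): command startup failed, throttling for 2 secs
"""
CONFIG = """\
auth_use_winbind = yes
mechanisms = plain ntlm login
protocols = imap imaps pop3 pop3s
"""

def advertised_mechanisms(greeting):
    """Return the SASL mechanisms named by AUTH= tokens in an IMAP greeting."""
    m = re.search(r"\[CAPABILITY ([^\]]*)\]", greeting)
    tokens = m.group(1).split() if m else []
    return sorted(t[5:].upper() for t in tokens if t.upper().startswith("AUTH="))

def missing_passdb_drivers(log_text):
    """Return passdb drivers the auth process reports as not compiled in."""
    pat = re.compile(r"auth: Fatal: Support not compiled in for passdb driver '([^']+)'")
    return pat.findall(log_text)

def v1_leftovers(config_text):
    """Return v2 spellings for v1-style lines found in the configuration."""
    fixes = []
    for line in config_text.splitlines():
        key, _, value = (part.strip() for part in line.partition("="))
        if key == "mechanisms":
            # v1 kept this inside its auth block; v2 uses a global setting.
            fixes.append(f"auth_mechanisms = {value}")
        elif key == "protocols":
            kept = [p for p in value.split() if p not in ("imaps", "pop3s")]
            if len(kept) != len(value.split()):
                fixes.append("protocols = " + " ".join(kept))
    return fixes

if __name__ == "__main__":
    mechs = advertised_mechanisms(GREETING)
    print("advertised:", mechs, "| NTLM offered:", "NTLM" in mechs)
    print("drivers not compiled in:", missing_passdb_drivers(MAILLOG))
    print("suggested v2 lines:", v1_leftovers(CONFIG))
```

A driver reported as not compiled in is a property of the Dovecot build itself, so no change to dovecot.conf will make that passdb load.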