[Dovecot] can't deliver with Kerberos username

Nikolay Shopik shopik at inblock.ru
Sun Aug 16 10:14:46 EEST 2009


On 16.08.2009 11:11, Timo Sirainen wrote:
> On Aug 16, 2009, at 2:57 AM, Nikolay Shopik wrote:
>
>>>> passdb:
>>>> driver: passwd-file
>>>> args: /etc/dovecot/passwd
>>>
>>> What do the usernames look like in this file? Set auth_debug=yes, what
>>> does deliver log then?
>> Usernames are with domain - shopik at inblock.ru{PLAIN}password in file
>
>> 15:34:31 Info: auth(default): client out: OK 1 user=nshopik
>
> OK, so in Kerberos your usernames don't have @domain, but in passwd-file
> they do. There are only two possible solutions:
>
> a) Remove @domain from passwd-file (or maybe create with and without
> @domain)
>
> b) Add @domain to kerberos usernames.
>
> I don't know much about Kerberos, so I've no idea what would be the
> proper way to solve this.
>

A) This means I have to keep file with all username which are exist in 
Kerberos realm? This is little confusing because 
http://wiki.dovecot.org/Authentication/Kerberos says I may not have 
passdb at all. Also I don't wanna any password to be keeped for Kerberos 
users here.



More information about the dovecot mailing list