[Dovecot] LDAP and GSSAPI problems
Jason Gunthorpe
jgunthorpe at obsidianresearch.com
Thu Feb 3 01:54:20 EET 2011
On Thu, Feb 03, 2011 at 01:17:02AM +0200, Timo Sirainen wrote:
> > Postfix (the other half of my solution -- though the version I am using
> > doesn't do SASL LDAP yet, but 2.9.x does) allows you, in the
> > configuration, to set what environment variables it should not unset and
> > even define new ones (an example -- import_environment =
> > KRB5_KTNAME=/etc/dovecot/krb5.keytab). This may be a good solution for
> > Dovecot specifically for things like this.
>
> Maybe.. But there haven't really been all that many uses for it.
Windows AD's LDAP server behaves by default in the same way, in that
all LDAP must be authenticated - this makes alot of sense, IMHO. It
would be nice to have LDAP out of the box support kerberos
authentication using the machine principle setup by samba.
Jason
More information about the dovecot
mailing list