[Dovecot] LDAP and GSSAPI problems
Trever L. Adams
trever.adams at gmail.com
Fri Feb 4 21:57:11 EET 2011
On 02/02/2011 04:17 PM, Timo Sirainen wrote:
>
> It does set that, but only on first GSSAPI authentication. I guess it
> wouldn't hurt moving it to do it always. If that script helps you, I can
> do this change.
It appears that the script you recommended doesn't do the trick. Does
/usr/libexec/dovecot/auth clear the environment. Even doing it manually
from the command line the openldap stuff doesn't seem to pick up the
KRB5_KTNAME environment variable.
I can kinit on the command line and get auth to work, but the kinit
doesn't hold over to the dovecot process (for good reasons I am sure).
Some how this needs to be fixed so that GSSAPI through SASL will work. I
am not sure where to go from here as I am learning LDAP as I mess with
this stuff. Is there anyone on the list who has any ideas? (I would
prefer this be service principals as well, if possible.)
Thank you,
Trever Adams
--
"All this technology has somehow made you a stranger in your own land."
-- Robert M. Pirsig
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
Url : http://dovecot.org/pipermail/dovecot/attachments/20110204/2ecec15b/attachment.bin
More information about the dovecot
mailing list