How to "Windows Authenticate"

Mark Foley mfoley at ohprs.org
Thu Sep 3 10:25:01 UTC 2015 

This can't be that hard. I think I've enabled LDAP in Dovecot just by including
dovecot-ldap.conf.ext in 10-auth.conf and using the default settings. I now have
the configuration shown below. Two questions:

1. How do I set Outlook to authenticate with LDAP? Currently the Outlook
accounts still have the ID and password set in "Logon Information". Checking
"Require logon using Secure Password Authentication (SPA)" doesn't work. All I
can seem to find on the Internet is how to configure address books using LDAP.

2. Should I remove "passdb { drive = shadow } from the dovecot configuration?

Anybody?

$ doveconf -n
# 2.2.15: /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 3.10.17 x86_64 Slackware 14.1
auth_debug_passwords = yes
auth_mechanisms = plain login
auth_verbose = yes
auth_verbose_passwords = plain
disable_plaintext_auth = no
info_log_path = /var/log/dovecot_info
mail_location = maildir:~/Maildir
passdb {
  driver = shadow
}
passdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
protocols = imap
ssl_cert = </etc/ssl/certs/OHPRS/GoDaddy/Apache/c5fe0cc8242d6030.crt
ssl_key = </etc/ssl/certs/OHPRS/GoDaddy/mail.ohprs.org.key
userdb {
  driver = passwd
}
userdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
verbose_ssl = yes


-----Original Message-----
From: Mark Foley <mfoley at ohprs.org>
Date: Wed, 02 Sep 2015 13:31:35 -0400
To: dovecot at dovecot.org
Subject: How to "Windows Authenticate"

> I've been using Dovecot 2.2.15 as the IMAP server for Outlook (2010/2013) on
> Windows workstations for over 6 months with no problems.  Dovecot is hosted on
> the office Samba4 AC/DC server. 
>
> I have been using auth_mechanisms plain login, and passdb driver = shadow.
>
> What I'd like to do now is use the "Windows Authenticated" login so I don't have
> to have separate passwords for users logging into the Windows AD workstations
> and their Outlook clients.
>
> If anyone has actually done this I'd appreciate some tips. My various attempts
> have not been successful.
>
> Here is my current config:
>
> $ doveconf -n
> # 2.2.15: /usr/local/etc/dovecot/dovecot.conf
> # OS: Linux 3.10.17 x86_64 Slackware 14.1
> auth_debug_passwords = yes
> auth_mechanisms = plain login
> auth_verbose = yes
> auth_verbose_passwords = plain
> disable_plaintext_auth = no
> info_log_path = /var/log/dovecot_info
> mail_location = maildir:~/Maildir
> passdb {
>   driver = shadow
> }
> protocols = imap
> ssl_cert = </etc/ssl/certs/OHPRS/GoDaddy/Apache/c5fe0cc8242d6030.crt
> ssl_key = </etc/ssl/certs/OHPRS/GoDaddy/mail.ohprs.org.key
> userdb {
>   driver = passwd
> }
> verbose_ssl = yes
>
> Thanks, Mark Foley
>From dovecot-bounces at dovecot.org  Wed Sep  2 13:32:13 2015
Return-Path: <dovecot-bounces at dovecot.org>
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.98.6 at mail
X-Spam-Checker-Version: SpamAssassin 3.3.2-_revision__1.14__ (2011-06-06) on
	mail.hprs.local
X-Spam-Level: 
X-Spam-Status: No, score=0.0 required=3.0 tests=none autolearn=unavailable
	version=3.3.2-_revision__1.14__
X-Original-To: dovecot at dovecot.org
Delivered-To: dovecot at dovecot.org
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.98.6 at mail
From: Mark Foley <mfoley at ohprs.org>
Date: Wed, 02 Sep 2015 13:31:35 -0400
Organization: Ohio Highway Patrol Retirement System
To: dovecot at dovecot.org
Subject: How to "Windows Authenticate"
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
X-BeenThere: dovecot at dovecot.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Dovecot Mailing List <dovecot.dovecot.org>
List-Unsubscribe: <http://dovecot.org/cgi-bin/mailman/options/dovecot>,
	<mailto:dovecot-request at dovecot.org?subject=unsubscribe>
List-Archive: <http://dovecot.org/pipermail/dovecot/>
List-Post: <mailto:dovecot at dovecot.org>
List-Help: <mailto:dovecot-request at dovecot.org?subject=help>
List-Subscribe: <http://dovecot.org/cgi-bin/mailman/listinfo/dovecot>,
	<mailto:dovecot-request at dovecot.org?subject=subscribe>
Errors-To: dovecot-bounces at dovecot.org
Sender: "dovecot" <dovecot-bounces at dovecot.org>
Status: R

I've been using Dovecot 2.2.15 as the IMAP server for Outlook (2010/2013) on
Windows workstations for over 6 months with no problems.  Dovecot is hosted on
the office Samba4 AC/DC server. 

I have been using auth_mechanisms plain login, and passdb driver = shadow.

What I'd like to do now is use the "Windows Authenticated" login so I don't have
to have separate passwords for users logging into the Windows AD workstations
and their Outlook clients.

If anyone has actually done this I'd appreciate some tips. My various attempts
have not been successful.

Here is my current config:

$ doveconf -n
# 2.2.15: /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 3.10.17 x86_64 Slackware 14.1
auth_debug_passwords = yes
auth_mechanisms = plain login
auth_verbose = yes
auth_verbose_passwords = plain
disable_plaintext_auth = no
info_log_path = /var/log/dovecot_info
mail_location = maildir:~/Maildir
passdb {
  driver = shadow
}
protocols = imap
ssl_cert = </etc/ssl/certs/OHPRS/GoDaddy/Apache/c5fe0cc8242d6030.crt
ssl_key = </etc/ssl/certs/OHPRS/GoDaddy/mail.ohprs.org.key
userdb {
  driver = passwd
}
verbose_ssl = yes

Thanks, Mark Foley

More information about the dovecot mailing list