Dovecot and IPA

Timo Sirainen tss at
Mon Sep 7 17:37:51 UTC 2015

> On 07 Sep 2015, at 00:41, Kanwar Ranbir Sandhu <m3freak at> wrote:
> Hello,
> I'm trying to get Dovecot to use GSSAPI for authentication. I have an IPA server on CentOS 7 with a bunch of my servers attached to the IPA domain, including the server running Dovecot.
> I've followed official documentation from Red Hat and read numerous wiki articles on how to configure Dovecot to get it to use GSSAPI correctly. I don't think I've done anything incorrectly, but it refuses to work. This is the error I'm seeing:
> mailman02 dovecot: imap-login: Disconnected (tried to use unsupported auth mechanism): user=<>, method=PLAIN, rip=, lip=, TLS, session=<QhWSqxofyAAKyAkM>

It says "tried to use unsupported auth mechanism". In your later mail you say that telnet shows AUTH=GSSAPI in capabilities. So that would mean that the client isn't using AUTHENTICATE GSSAPI but something else.

Set auth_debug=yes and/or see what the client actually does by enabling pre-login rawlog:

More information about the dovecot mailing list