Hi, I'm trying to configure DoveCot to allow NTLM authentication. I've successfully authenticated with Outlook 2003 against Dovecot when the passdb backend used to store the password is a passwd-file. It doesn't matter if the passwd-file contains plain or NTLM encrypted passwords. When I compare the NTLM hash provided by the dovecotpw utility to the one I have in my SAMBA ldap, it appears to be exactly the same. When I use the LDAP passdb backend, I can see in the log file that dovecot has received the correct NTLM hash value, but outlook fails to authenticate successfully. I'm using the debianized dovecot version v1.0.beta2. I can post my dovecot-ldap.conf file, if it will help. Can anybody help me configure my dovecot to allow Outlook to perform NTLM authentication when the password database is in LDAP? Thanks, Lior Okman
On Mon, 2006-03-06 at 15:26 +0200, Lior Okman wrote:> When I compare the NTLM hash provided by the dovecotpw utility to the > one I have in my SAMBA ldap, it appears to be exactly the same. > > When I use the LDAP passdb backend, I can see in the log file that > dovecot has received the correct NTLM hash value, but outlook fails to > authenticate successfully. > > I'm using the debianized dovecot version v1.0.beta2.It shouldn't matter if it's in LDAP or in passwd-file. I'd guess it reads the scheme wrong. The passwords in LDAP probably aren't prefixed with {NTLM}? Have you set default_pass_scheme = NTLM in dovecot-ldap.conf? Have you tried if plaintext logins work with NTLM hashes in LDAP? If they don't, try setting auth_debug=yes and auth_debug_passwords=yes and check if the logs help. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20060306/e5347bb9/attachment.bin>