This is a tired old topic but I've at least got an angle on it:
Outlook Express works perfectly with IMAP / SPA for users logged into
our Windows domain; I just give the server address and username, and it
logs in without any password required; beautiful!
auth_ntlm_use_winbind = yes
auth_winbind_helper_path = /usr/bin/ntlm_auth
auth default {
mechanisms = ntlm
userdb static {
args = uid=500 gid=500 home=/var/mail/%u allow_all_users=yes
}
}
Dovecot is the 1.1.13-2~bpo50+1 package from backports.org on Debian
lenny, with winbind 3.2.5
Aug 28 23:49:38 ccimap dovecot: auth(default): client in:
AUTH#0111#011NTLM#011service=imap#011lip=10.6.1.82#011rip=10.6.1.81#011lport=143#011rport=1205
Aug 28 23:49:38 ccimap dovecot: auth(default): client out: CONT#0111#011
Aug 28 23:49:38 ccimap dovecot: auth(default): client in:
CONT#0111#011TlRMTVNTUAABAAAAB7IIogIAAgAvAAAABwAHACgAAAAFASgKAAAAD01SSklHR1NBRA=Aug
28 23:49:38 ccimap dovecot: auth(default): client out:
CONT#0111#011TlRMTVNTUAACAAAABAAEADAAAAAFgominEGMs1Rz3YQAAAAAAAAAAGYAZgA0AAAAQQBEAAIABABBAEQAAQAMAEMAQwBJAE0AQQBQAAQAGgBsAGEAdABlAHIAbwBvAG0AcwAuAGMAbwBtAAMAKABjAGMAaQBtAGEAcAAuAGwAYQB0AGUAcgBvAG8AbQBzAC4AYwBvAG0AAAAAAA=Aug
28 23:49:38 ccimap dovecot: auth(default): client in:
CONT#0111#011TlRMTVNTUAADAAAAGAAYAGYAAAAYABgAfgAAAAQABABIAAAADAAMAEwAAAAOAA4AWAAAAAAAAACWAAAABYKIogUBKAoAAAAPQQBEAG0AagBpAGcAZwBzAE0AUgBKAEkARwBHAFMAKYRSdfpULaQAAAAAAAAAAAAAAAAAAAAAj90Vff2FIU1+Gs/eei8bL8dMJFGZnzSg
Aug 28 23:49:38 ccimap dovecot: auth(default): client out:
OK#0111#011user=mjiggs
Aug 28 23:49:38 ccimap dovecot: auth(default): master in:
REQUEST#0112#0111869#0111
Aug 28 23:49:38 ccimap dovecot: auth(default): passwd(mjiggs,10.6.1.81):
lookup
Aug 28 23:49:38 ccimap dovecot: auth(default): master out:
USER#0112#011mjiggs#011system_user=mjiggs#011uid=10416#011gid=10000#011home=/home/AD/mjiggs
Aug 28 23:49:38 ccimap dovecot: imap-login: Login: user=<mjiggs>,
method=NTLM, rip=10.6.1.81, lip=10.6.1.82
So, Outlook Express works. Great. The worst email client I know and it
works fine with SPA.
Unfortunately Outlook 2007 doesn't work - it prompts me for a password,
and then obviously fails with NT_STATUS_WRONG_PASSWORD..
Aug 28 23:39:40 ccimap dovecot: auth(default): client in:
AUTH#0111#011NTLM#011service=imap#011lip=10.6.1.82#011rip=10.6.1.81#011lport=143#011rport=1162
Aug 28 23:39:40 ccimap dovecot: auth(default): client out: CONT#0111#011
Aug 28 23:39:40 ccimap dovecot: auth(default): client in:
CONT#0111#011TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAFASgKAAAADw=Aug 28
23:39:40 ccimap dovecot: auth(default): client out:
CONT#0111#011TlRMTVNTUAACAAAABAAEADAAAAAFgomiAN6hAS8XKA4AAAAAAAAAAGYAZgA0AAAAQQBEAAIABABBAEQAAQAMAEMAQwBJAE0AQQBQAAQAGgBsAGEAdABlAHIAbwBvAG0AcwAuAGMAbwBtAAMAKABjAGMAaQBtAGEAcAAuAGwAYQB0AGUAcgBvAG8AbQBzAC4AYwBvAG0AAAAAAA=Aug
28 23:39:40 ccimap dovecot: auth(default): client in:
CONT#0111#011TlRMTVNTUAADAAAAGAAYAGIAAAAYABgAegAAAAAAAABIAAAADAAMAEgAAAAOAA4AVAAAAAAAAACSAAAABYKIogUBKAoAAAAPbQBqAGkAZwBnAHMATQBSAEoASQBHAEcAUwBVhYHxX9PdSQAAAAAAAAAAAAAAAAAAAAC0rohzeNXOHMxVHQkogW4ytyNC9hcpnCgAug
28 23:39:40 ccimap dovecot: auth(default): winbind(?,10.6.1.81):
user not authenticated: NT_STATUS_WRONG_PASSWORD
Aug 28 23:39:40 ccimap dovecot: auth(default): new auth connection:
pid=1867
Aug 28 23:39:41 ccimap dovecot: auth(default): client out: FAIL#0111
Does anyone have any magic beans for Outlook 2007 (tried both original
release + SP2) ?
Cheers,
Gavin