I'm running KDC with all users and passwords, but have to manage clients who doesn't support GSSAPI like mobile phones. Is it possible to dovecot SASL check password in KDC when user sends plain text login? I know this is possible to do with saslauthd from Cyrus but prefer to stick with dovecot SASL.
On Tue, 2010-02-09 at 20:47 +0300, Nikolay Shopik wrote:> I'm running KDC with all users and passwords, but have to manage clients > who doesn't support GSSAPI like mobile phones. Is it possible to dovecot > SASL check password in KDC when user sends plain text login? I know this > is possible to do with saslauthd from Cyrus but prefer to stick with > dovecot SASL.Not directly, but how about pam_krb5? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20100209/11c63245/attachment-0002.bin>
On 09.02.2010 21:10, Timo Sirainen wrote:> On Tue, 2010-02-09 at 20:47 +0300, Nikolay Shopik wrote: >> I'm running KDC with all users and passwords, but have to manage clients >> who doesn't support GSSAPI like mobile phones. Is it possible to dovecot >> SASL check password in KDC when user sends plain text login? I know this >> is possible to do with saslauthd from Cyrus but prefer to stick with >> dovecot SASL. > > Not directly, but how about pam_krb5? >But this won't work if I have virtual users, right?