Maria Jose Yañez Dacosta
2013-May-30 15:34 UTC
[Dovecot] Settings: Dovecot + NTLM + Single Sign On + Windows + Outlook or Thunderbird.
I am following the steps listed in: http://wiki.dovecot.org/HowTo/ActiveDirectoryNtlm

My goal is to have single sign-on for Microsoft Outlook applications.

I am working and I have some doubts since I never set up an IMAP server, hope I can help :).

The version that I have installed is dovecot 2.0.9.

"dovecot -n" shows the following:

    # 2.0.9: /etc/dovecot/dovecot.conf
    # OS: Linux 2.6.32-71.el6.x86_64 x86_64 CentOS release 6.4 (Final)
    auth_use_winbind = yes
    mbox_write_locks = fcntl
    passdb {
      driver = pam
    }
    protocols = imap pop3
    ssl = no
    userdb {
      args = uid=10000 gid=10000 home=/mail/%d/%n
      driver = static
    }

I show what I have in /etc/samba/smb.conf:

    [global]
    workgroup = EJEMPLO
    realm = EJEMPLO.COM.UY
    server string = %h (Samba %v)
    security = ADS
    password server = ad.domain.dom
    username map = /etc/samba/mapeousuarios
    map untrusted to domain = Yes
    syslog = 0
    log file = /var/log/samba/log.%m
    max log size = 1000
    name resolve order = wins host bcast
    local master = No
    domain master = No
    dns proxy = No
    wins server = here active directory ip
    panic action = /usr/share/samba/panic-action %d
    winbind separator = +
    winbind use default domain = Yes
    winbind rpc only = Yes
    idmap config * : range = 1200-3000
    idmap config * : backend = tdb

    [usuarios3]
    path = /exports/archivos-usuarios
    read only = No
    map acl inherit = Yes
    store dos attributes = Yes

"wbinfo -g" and "wbinfo -u" work well. "kinit Administrator" works well also.

Some steps of the configuration are not recognized in dovecot.conf:

1) "protocols = imap imaps pop3 pop3s".
2) "mechanisms = plain ntlm login".
3) "allow_all_users=yes" and "mail=maildir:/home/vmail/%d/%1Ln/%Ln:INBOX=/home/vmail/%d/%1Ln/%Ln".

I'm not sure what I should put in place.

I also have some doubts:

1) Do I have to create a keytab file containing the principal for imap and pop? How would I indicate it to Dovecot?
2) What values should I indicate for uid and gid?
3) Do I have to set something in pam?

If I run "telnet localhost imap" it shows the following:

    OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready

NTLM does not appear in the options.

I hope I can shed some light on the subject :)

Thanks and greetings.

--
Maria José
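The telnet check in the message above can be scripted. This is an added example, not part of the original post and not Dovecot code: it parses an IMAP greeting or CAPABILITY response, lists the advertised SASL mechanisms, and reports whether NTLM is offered. The sample lines are constructed from the greeting quoted in the post; the function names are hypothetical.

```python
import re

# Constructed sample: the greeting quoted in the post, with the leading "* "
# that an IMAP server puts on an untagged response.
GREETING = ("* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS "
            "ID ENABLE IDLE AUTH=PLAIN] Dovecot ready.")


def parse_capabilities(line):
    """Return the capability tokens from a greeting or CAPABILITY response."""
    line = line.strip()
    # Form 1: response code inside a greeting/OK line: "[CAPABILITY a b c]"
    m = re.search(r"\[CAPABILITY ([^\]]*)\]", line, re.IGNORECASE)
    if m is None:
        # Form 2: untagged reply to the CAPABILITY command: "* CAPABILITY a b c"
        m = re.match(r"\*\s+CAPABILITY\s+(.*)$", line, re.IGNORECASE)
    return m.group(1).split() if m else []


def auth_report(line, wanted="NTLM"):
    """Summarise the authentication-related capabilities in one server line."""
    caps = [c.upper() for c in parse_capabilities(line)]
    mechs = [c[len("AUTH="):] for c in caps if c.startswith("AUTH=")]
    starttls = "STARTTLS" in caps
    return {
        "mechanisms": mechs,
        "wanted_offered": wanted.upper() in mechs,
        "starttls": starttls,
        "logindisabled": "LOGINDISABLED" in caps,
        # PLAIN and LOGIN carry the password itself; on a plaintext port
        # (143) without STARTTLS it is sent unencrypted.
        "plain_auth_without_starttls":
            not starttls and any(m in ("PLAIN", "LOGIN") for m in mechs),
    }


if __name__ == "__main__":
    for key, value in auth_report(GREETING).items():
        print(f"{key}: {value}")
```
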
Charles Marcus
2013-May-30 16:41 UTC
[Dovecot] Settings: Dovecot + NTLM + Single Sign On + Windows + Outlook or Thunderbird.
The wiki link you refer to is for dovecot v1. You are using v2.

Use the correct wiki link...

http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm

Also, you are using an old version of v2 - use the latest 2.1 (2.1.16), or better yet, the latest 2.2 (2.2.2)...

Charles

On 2013-05-30 11:34 AM, Maria Jose Yañez Dacosta <mariajose1982 at gmail.com> wrote:
> I am following the steps listed in:
> http://wiki.dovecot.org/HowTo/ActiveDirectoryNtlm
>
> My goal is to have single sign-on for Microsoft Outlook applications.
>
> I am working and I have some doubts since I never set up an IMAP server, hope
> I can help :).
>
> The version that I have installed is dovecot 2.0.9.
>
> "dovecot -n" shows the following:
>
> # 2.0.9: /etc/dovecot/dovecot.conf
>

--
Best regards,
Charles Marcus
I.T. Director
Media Brokers International, Inc.
678.514.6224 | 678.514.6299 fax