search for: krbprincipalname

...ap, Kerberos makes use of the same ldap as its backend, goal was to enable users to use their principals in addition to simple login with mailAddress/userPassword combination. Sample entry relevant attrs: --- mailAddress: sn.gn at example.com mailDeliveryAddress: 123456 at example.com uid: u123456 krbPrincipalName: u123456 at REALM krbPrincipalName: user123456 at REALM krbPrincipalName: alias at REALM --- with pass_attrs = =user=%{ldap:mailDeliveryAddress},=password=%{ldap:userPassword},=k5principals=%{ldap:krbPrincipalName} I can see incorrectly logged ldap search result for krbPrincipalName attr as it is...

...The Active Directory Password Cache overlay allows to mirror user account credentials without any modification on the AD server. It only takes one occasional simple bind authentication against the OpenLDAP server. If the credential has not been mirrored yet, the overlay uses the krbPrincipalName and the password provided by the user to perform a Kerberos init against the Active Directory. A successful Kerberos init guarantees a correct password for this principal, and therefor the bind finally succeeds. Within this overlay operation, the password gets encrypted with the de...

...etpolicyaux objectClass: krbprincipalaux objectClass: inetuser objectClass: posixaccount objectClass: ipaSshGroupOfPubKeys objectClass: mepOriginEntry loginShell: /bin/bash initials: GN gecos:: R8O8bnRoZXIgSi4gTmllZGVyd2ltbWVy sn: Niederwimmer homeDirectory: /home/office mail: office at example.com krbPrincipalName: office at example.COM givenName:: R8O8bnRoZXIgSi4= cn:: R8O8bnRoZXIgSi4gTmllZGVyd2ltbWVy ipaUniqueID: 3a6e2256-8648-11e6-b45d-5254002cd3fc uidNumber: 1507800005 gidNumber: 1507800005 # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 > > # Distinguished Name...

Hello, Dovecot 2.2.25 CentOS 7 I setup ldap (FreeIPA) to have a user for dovecot that can (read search compare) all attributes that I need for dovecot. I must also have mailAlternateAddress When I make a ldapsearch with this user, I found all I need to configure dovecot. But for me it is not possible to configure this correct ? I can make for user doveadm auth test office and doveadm