similar to: Problems setting up dovecot 2.0.1 with kerberos auth

Hi, while trying to get new mails into dovecot 2.0.1 via fetchmail and lmtp, auth process crashes: Sep 7 19:55:58 oldbox dovecot: lmtp(29944): Error: userdb lookup(heini at localhost): Disconnected unexpectedly Sep 7 19:55:58 oldbox fetchmail[29928]: Nachricht USER at ISP:1 von 2 wird gelesen (2204 Bytes im Nachrichtenkopf) (Log-Meldung unvollst?ndig) Sep 7 19:55:58 oldbox fetchmail[29928]:

Did a few test here "auth_gssapi_hostname = "$ALL"" is no longer required with dovecot (2.2.13 here). Add "auth_debug=yes" to your dovecor config. 192.168.100.1 is my clients ip 192.168.100.101 is the servers ag is the domain account username I use to login to windows and also the username configured in thunderbird. On my debian system an package named

More info ... when I do MAIL=imap://mark at mail.ohprs.org/ mutt (using the domain of the registered certificate). I do not get the message "Certificate host check failed: certificate owner does not match hosthame ..." I do get the same (mutt?) edit screen shown below with the "(r)eject, accept (o)nce, (a)ccept always" action at the bottom. If I "accept (o)nce",

Am 30.06.2016 um 23:16 schrieb Mark Foley: > Achim, thanks a lot! A couple of questions on your suggested settings: > >> 1. Create an user >> samba-tool create user dovcot > I did this (actually `samba-tool user create dovecot`), but it asked for a password. I > entered one. You didn't mention that, so I hope it's OK. Yes > > >> 2. Add the spn

Am 30.06.2016 um 10:45 schrieb Mark Foley: > To revisit my problem: I have Dovecot running on the same host as Samba4 AD/DC. I've set > Thunderbird to authenticate with GSSAPI on a domain workstation. I have an /etc/krb5.keytab > file as required by Dovecot. I've also downloaded and installed Kerberos for access to > the k* commands (ktutil, kinit, klist, ...). > > In my

Achim - per your instructions ... > Did a few test here "auth_gssapi_hostname = "$ALL"" is no longer > required with dovecot (2.2.13 here). My dovecot is 2.2.15 and the 10-auth.conf (from the template) has the comment: # Host name to use in GSSAPI principal names. The default is to use the # name returned by gethostname(). Use "$ALL" (with quotes) to allow

It's getting abit offtopic for the samba list :-) Look at the testing section in http://wiki2.dovecot.org/Authentication/Kerberos do what is mentioned below "Test that the server can access the keytab". If i run the telnet authenticated test and klist afterwards contains the imap keys. Am 01.07.2016 um 08:21 schrieb Mark Foley: > More info ... > > when I do > >

Am 01.07.2016 um 10:37 schrieb Achim Gottinger: > It's getting abit offtopic for the samba list :-) > > Look at the testing section in > http://wiki2.dovecot.org/Authentication/Kerberos do what is mentioned > below "Test that the server can access the keytab". > > If i run the telnet authenticated test and klist afterwards contains > the imap keys. >

> ... you don't get the /etc/krb5.keytab by default on a DC, you will need > to create it: > > samba-tool domain exportkeytab /etc/krb5.keytab Excellent! Thank you. I've done that now, but I have more issues more appropriate to a reply to mathias' message following. --Mark -----Original Message----- > To: samba at lists.samba.org > From: Rowland penny <rpenny

Hi, I've setup a Samba 4 based AD server a while ago and everything was working fine for some time. However, since a few days it seems it doesn't resolve aliases anymore. I can query them using the host command, but a simple ping then fails to resolve the name: % host alias1 alias1.altum.de is an alias for server1. % ping alias1

> On Sep 14, 2016, at 12:57 PM, Achim Gottinger <achim at ag-web.biz> wrote: > > > > Am 14.09.2016 um 18:23 schrieb Michael A Weber: >> >>> On Sep 14, 2016, at 10:44 AM, Achim Gottinger via samba <samba at lists.samba.org <mailto:samba at lists.samba.org>> wrote: >>> >>> >>> >>> Am 14.09.2016 um 05:53

On Fri, 11 Jan 2019 16:13:50 +0000 (UTC) Billy Bob <billysbobs at yahoo.com> wrote: > > > On Friday, January 11, 2019 3:14 AM, Rowland Penny via samba > <samba at lists.samba.org> wrote: > > > >I have no idea where the above is coming from, but it isn't from > >the dhcp scripts. > > > > I don't know what to tell you,

On Friday, January 11, 2019 11:20 AM, Billy Bob via samba <samba at lists.samba.org> wrote:     On Friday, January 11, 2019 10:44 AM, Rowland Penny via samba <samba at lists.samba.org> wrote: On Fri, 11 Jan 2019 16:13:50 +0000 (UTC) Billy Bob <billysbobs at yahoo.com> wrote: >>> Here is what the logs show WITHOUT the -d option: >>> >>> Jan

Am 22.01.2015 um 17:17 schrieb Rowland Penny: > On 22/01/15 12:57, Norbert Heinzelmann wrote: >> Am 22.01.2015 um 12:28 schrieb Rowland Penny: >>> On 22/01/15 10:53, Norbert Heinzelmann wrote: >>>> Hello, >>>> >>>> I have the problem that the ACLs are ignored when I mount a share >>>> via cifs. I have an AD with Samba 4.1.6 Ubuntu

Hello, I try to setup Dovecot with Kerberos/GSSAPI and use this howto: https://wiki.samba.org/index.php/Authenticating_Dovecot_against_Active_Directory#Create_the_Dovecot_user_and_keytab I also try https://wiki.dovecot.org/Authentication/Kerberos I can login as windows user on win7 and access shares. When I open Thunderbird I get the message: "kerberos/gssapi ticket was not accepted"

Am 23.01.2015 um 10:19 schrieb Rowland Penny: > On 23/01/15 07:34, Norbert Heinzelmann wrote: >> >> Am 22.01.2015 um 17:17 schrieb Rowland Penny: >>> On 22/01/15 12:57, Norbert Heinzelmann wrote: >>>> Am 22.01.2015 um 12:28 schrieb Rowland Penny: >>>>> On 22/01/15 10:53, Norbert Heinzelmann wrote: >>>>>> Hello,

Hi, On 27-06-2016 08:58, Mark Foley wrote: > So, I'm apparently lacking in the kerberos stuff. Here's the problem -- Samba4 uses Heimdal > Kerberos and when I provisioned my domain apparently none of these needed kerberos files were > set up. I can, however, kerberos authenticate from domain workstations both WIN7 and Linux. You don't need any Samba4 stuff, to get it

Achim, I deleted the keytab file and did the following: $ samba-tool user delete dovecot $ samba-tool user add dovecot # again, that asked for a password and I assigned one. $ samba-tool spn add smpt/mail.hprs.local at HPRS.LOCAL dovecot $ samba-tool spn add imap/mail.hprs.local at HPRS.LOCAL dovecot $ ktutil ktutil: addent -password -p smtp/mail.hprs.local at HPRS.LOCAL -k 1 -e arcfour-hmac

Achim, thanks a lot! A couple of questions on your suggested settings: > 1. Create an user > samba-tool create user dovcot I did this (actually `samba-tool user create dovecot`), but it asked for a password. I entered one. You didn't mention that, so I hope it's OK. > 2. Add the spn > samba-tool spn add smtp/server.domain.local at DOMAIN.LOCAL dovecot > samba-tool spn

Hi list Does anyone has experience in setting up dovecot or any other mail system with user auth against a Samba4 AD ? If yes could I get some advice on that Topic or even a link to a ressource where I can get some Information. Googled a lot but didn't find something yet. Thankx in advance. -- Mit freundlichem Gru? Carsten Laun-De Lellis Hauptstrasse 13 D-67705 Trippstadt Phone: +49