similar to: [PATCH] GSSAPI authorization and virtual users

Hi, I try to configure a proxy accepting GSSAPI and PLAIN authentication. When authenticating with Kerberos, Dovecot uses master user and password to authenticate to backends (backends can be Cyrus or Exchange servers too) When authenticating with PLAIN passwords, Dovecot sends user's login and password to the backend. For GSSAPI, I use extrafields : k5principals=principal at REALM proxy=Y

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> If your dovecot is recent enough you can use mechanisms setting on passdb block. See https://doc.dovecot.org/configuration_manual/authentication/password_databases_passdb/ <br> </div> <blockquote type="cite"> <div>

Hello, just want to report a slightly confusing log entry on auth-debug level I have encountered while setting up Kerberos auth. Users are stored in ldap, Kerberos makes use of the same ldap as its backend, goal was to enable users to use their principals in addition to simple login with mailAddress/userPassword combination. Sample entry relevant attrs: --- mailAddress: sn.gn at example.com

Hello to everybody, I'm in the process of setting up test mail server (Ubuntu 19.10 amd64 running as VM under Hyper-V) and got stuck on configuring master user authentication. I use GSSAPI authentication in parallel with PLAIN/LOGIN (pam backend that authenticates against my Active Directory domain) and this works as intended. I then tried adding simple static master passdb that simply

After a over a year and a half struggling to get Dovecot to do either NTLM or GSSAPI authentication with Samba4 AD/DC, I believe I've finally got it! Thanks to all those in this list who helped: Jan Jurkus, Edgar Pettijohn, Gregory Sloop, Tom Talpey especially Aki Tuomi; and infinite thanks to Achim Gottinger on the SambaList for his patience in working this through with me. Although my

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, Attached is a patch against current CVS that adds support for the GSSAPI SASL mechanism. It was written from scratch, after reading the patch from Colin Walters against a much older version of dovecot. Other then support for the 'GSSAPI' mechanism, it contains the following changes: - - Added 'auth_krb5_keytab' option for

I am running dovecot 2.1.7 on Debian Squeeze 64 bit, config information at the end of the email. I am working on a Kerberos/GSSAPI based setup that requires cross-realm authentication. I have regular GSSAPI working, I can log in using pam_krb5 with password based logins or with the GSSAPI support when using a kerberos ticket in the default realm. However when I attempt to authenticate using