similar to: How to GSSAPI/Kerberos authenticate with Dovecot [formerly Where is krb5.keytab or equivalent?]

Displaying 20 results from an estimated 10000 matches similar to: "How to GSSAPI/Kerberos authenticate with Dovecot [formerly Where is krb5.keytab or equivalent?]"

2016 Jul 04
3
How to GSSAPI/Kerberos authenticate with Dovecot [formerly Where is krb5.keytab or equivalent?]
> To: samba at lists.samba.org > From: Achim Gottinger <achim at ag-web.biz> > Date: Mon, 4 Jul 2016 09:29:02 +0200 > Subject: Re: [Samba] How to GSSAPI/Kerberos authenticate with Dovecot > > Am 04.07.2016 um 01:34 schrieb Mark Foley: > > After a nearly 2-year struggle to get Dovecot to do either NTLM or GSSAPI authentication with > > Samba4 AD/DC, I believe
2016 Jul 01
1
Where is krb5.keytab or equivalent?
Am 01.07.2016 um 23:52 schrieb Achim Gottinger: > Here is an simpler way to create an user with the imap principal and > the dovecot keymap > > ~# samba-tool user create dovecot > [Assign password] > ~# samba-tool spn add imap/server.domain.local dovecot > ~# samba-tool domain exportkeytab --principal dovecot at DOMAIN.LOCAL > dovecot.keytab If above line is replaced by
2016 Jul 01
5
Where is krb5.keytab or equivalent?
I'm sure it will not work till you get that module build. :-) Am 01.07.2016 um 20:53 schrieb Mark Foley: > On Fri, 1 Jul 2016 11:55:20 +0200 Achim Gottinger <achim at ag-web.biz> wrote: > >> Do you have /usr/lib/dovecot/modules/auth/libmech_gssapi.so? Maybe at an >> different location. On debian this comes with the dovecot-gssapi package. > That module is nowhere
2016 Jun 30
3
Where is krb5.keytab or equivalent?
Am 30.06.2016 um 23:16 schrieb Mark Foley: > Achim, thanks a lot! A couple of questions on your suggested settings: > >> 1. Create an user >> samba-tool create user dovcot > I did this (actually `samba-tool user create dovecot`), but it asked for a password. I > entered one. You didn't mention that, so I hope it's OK. Yes > > >> 2. Add the spn
2016 Jun 30
2
Where is krb5.keytab or equivalent?
Did a few test here "auth_gssapi_hostname = "$ALL"" is no longer required with dovecot (2.2.13 here). Add "auth_debug=yes" to your dovecor config. 192.168.100.1 is my clients ip 192.168.100.101 is the servers ag is the domain account username I use to login to windows and also the username configured in thunderbird. On my debian system an package named
2016 Jul 01
3
Where is krb5.keytab or equivalent?
More info ... when I do MAIL=imap://mark at mail.ohprs.org/ mutt (using the domain of the registered certificate). I do not get the message "Certificate host check failed: certificate owner does not match hosthame ..." I do get the same (mutt?) edit screen shown below with the "(r)eject, accept (o)nce, (a)ccept always" action at the bottom. If I "accept (o)nce",
2016 Jul 14
3
How to GSSAPI/Kerberos authenticate with Dovecot [formerly Where is krb5.keytab or equivalent?]
> To: samba at lists.samba.org > From: Rowland penny <rpenny at samba.org> > Date: Mon, 4 Jul 2016 21:43:46 +0100 > Subject: Re: [Samba] How to GSSAPI/Kerberos authenticate with Dovecot > [formerly Where is krb5.keytab or equivalent?] > > On 04/07/16 21:21, Mark Foley wrote: > >> To: samba at lists.samba.org > >> From: Achim Gottinger <achim at
2016 Jul 04
1
How to GSSAPI/Kerberos authenticate with Dovecot [formerly Where is krb5.keytab or equivalent?]
On Mon, 4 Jul 2016 08:18:11 +0100 Rowland penny <rpenny at samba.org> wrote: > The problem is that Samba doesn't recommend using the DC as a fileserver > etc This is why it isn't mentioned, Well, I don't see that the DC is being used as an actual file server simply by hosting an email server. There is no share defined in smb.conf to accomodate this. Furthermore, I
2016 Jun 30
2
Where is krb5.keytab or equivalent?
Am 30.06.2016 um 10:45 schrieb Mark Foley: > To revisit my problem: I have Dovecot running on the same host as Samba4 AD/DC. I've set > Thunderbird to authenticate with GSSAPI on a domain workstation. I have an /etc/krb5.keytab > file as required by Dovecot. I've also downloaded and installed Kerberos for access to > the k* commands (ktutil, kinit, klist, ...). > > In my
2016 Jul 04
2
Configure Dovecot for GSSAPI [formerly: Looking for GSSAPI config]
After a over a year and a half struggling to get Dovecot to do either NTLM or GSSAPI authentication with Samba4 AD/DC, I believe I've finally got it! Thanks to all those in this list who helped: Jan Jurkus, Edgar Pettijohn, Gregory Sloop, Tom Talpey especially Aki Tuomi; and infinite thanks to Achim Gottinger on the SambaList for his patience in working this through with me. Although my
2016 Jul 04
0
How to GSSAPI/Kerberos authenticate with Dovecot [formerly Where is krb5.keytab or equivalent?]
Am 04.07.2016 um 01:34 schrieb Mark Foley: > After a nearly 2-year struggle to get Dovecot to do either NTLM or GSSAPI authentication with > Samba4 AD/DC, I believe I've finally got it! Infinite thanks to Achim Gottinger for his > patience in working this through with me. Although my purpose was for Dovecot to authenticate > mail clients, the configuration settings needed were on
2016 Jul 04
0
How to GSSAPI/Kerberos authenticate with Dovecot [formerly Where is krb5.keytab or equivalent?]
On 04/07/16 00:34, Mark Foley wrote: > After a nearly 2-year struggle to get Dovecot to do either NTLM or GSSAPI authentication with > Samba4 AD/DC, I believe I've finally got it! Infinite thanks to Achim Gottinger for his > patience in working this through with me. Although my purpose was for Dovecot to authenticate > mail clients, the configuration settings needed were on the
2016 Jul 04
0
How to GSSAPI/Kerberos authenticate with Dovecot [formerly Where is krb5.keytab or equivalent?]
On 04/07/16 21:21, Mark Foley wrote: >> To: samba at lists.samba.org >> From: Achim Gottinger <achim at ag-web.biz> >> Date: Mon, 4 Jul 2016 09:29:02 +0200 >> Subject: Re: [Samba] How to GSSAPI/Kerberos authenticate with Dovecot >> >> Am 04.07.2016 um 01:34 schrieb Mark Foley: >>> After a nearly 2-year struggle to get Dovecot to do either NTLM or
2016 Jul 04
3
Configure Dovecot for GSSAPI [formerly: Looking for GSSAPI config]
On Mon, 4 Jul 2016 08:54:27 +0300 Aki Tuomi <aki.tuomi at dovecot.fi> wrote: > > http://wiki2.dovecot.org/Authentication/Kerberos > > It has been now updated. Excellent! That was quick! Although, you used my actual local domain in your example: mail.hprs.local. Not that I care, no one can get to that, but it might be clearer to those of us who uncomprehendingly monkey-type
2016 Jul 04
4
Configure Dovecot for GSSAPI [formerly: Looking for GSSAPI config]
On 07/04/2016 03:30 AM, Mark Foley wrote: > Actually, I see that you used host.domain.name further down. That's a good substitute for mail.hprs.local. > > Also, not to be a literary critic, but it might not hurt to show an example keytab beneath your > "Make sure your keytab has entry for ...". Just in case people don't exactly know how to "make sure: > > $
2016 Sep 16
6
Exporting keytab for SPN failure
Am 16.09.2016 um 22:00 schrieb Robert Moulton via samba: > Achim Gottinger via samba wrote on 9/15/16 1:20 AM: >> >> >> Am 15.09.2016 um 09:35 schrieb Rowland Penny via samba: >>> On Wed, 14 Sep 2016 16:23:27 -0500 >>> Michael A Weber via samba <samba at lists.samba.org> wrote: >>> >>>>> On Sep 14, 2016, at 2:00 PM, Achim
2016 Sep 15
3
Exporting keytab for SPN failure
Am 15.09.2016 um 09:35 schrieb Rowland Penny via samba: > On Wed, 14 Sep 2016 16:23:27 -0500 > Michael A Weber via samba <samba at lists.samba.org> wrote: > >>> On Sep 14, 2016, at 2:00 PM, Achim Gottinger <achim at ag-web.biz> >>> wrote: >>> >>> >>> >>> Am 14.09.2016 um 20:33 schrieb Michael A Weber: >>>>>
2016 Sep 16
2
Exporting keytab for SPN failure
On Fri, 16 Sep 2016 13:00:52 -0700 Robert Moulton via samba <samba at lists.samba.org> wrote: > Achim Gottinger via samba wrote on 9/15/16 1:20 AM: > > > > > > Am 15.09.2016 um 09:35 schrieb Rowland Penny via samba: > >> On Wed, 14 Sep 2016 16:23:27 -0500 > >> Michael A Weber via samba <samba at lists.samba.org> wrote: > >> >
2016 Sep 16
2
Exporting keytab for SPN failure
Am 16.09.2016 um 22:49 schrieb Rowland Penny via samba: > On Fri, 16 Sep 2016 22:43:42 +0200 > Achim Gottinger via samba <samba at lists.samba.org> wrote: > >> >> Am 16.09.2016 um 22:00 schrieb Robert Moulton via samba: >>> Achim Gottinger via samba wrote on 9/15/16 1:20 AM: >>>> >>>> Am 15.09.2016 um 09:35 schrieb Rowland Penny via
2016 Sep 17
2
Exporting keytab for SPN failure
On Fri, Sep 16, 2016 at 6:08 PM, Achim Gottinger via samba <samba at lists.samba.org> wrote: > > > Am 17.09.2016 um 02:36 schrieb Achim Gottinger via samba: >> >> >> >> Am 17.09.2016 um 02:19 schrieb Achim Gottinger via samba: >>> >>> >>> >>> Am 17.09.2016 um 01:23 schrieb Robert Moulton: >>>> >>>>