Authenticate Cyrus off active directory
etienne.goyer at linuxquebec.com
Wed Dec 3 10:35:55 EST 2003
We are doing it using Kerberos. It's (relatively speaking) easy.
First, read and follow the step described in
to make your Linux server interoperate with the AD KDC. Then set
saslauthd to use Kerberos instead of PAM :
saslauthd -n0 -a kerberos5
The -n0 is required as saslauthd with the kerberos5 plugin seriously
leak memory on RedHat 7.3.
That's about it ... if you have questions, feel free to ask !
On Wed, Dec 03, 2003 at 02:36:51PM +0000, Alain Williams wrote:
> I am seeking advice on how to authenticate Cyrus off a Microsoft Active directory server.
> The users will not have Linux accounts, I don't want to modify AD at all - the only Linux
> is the web mail, so I don't want to insert the extra (unix) fields into the database.
> I have saslauthd currently working off pam.
> I don't mind if I authenticate using kerberos or ldap - whatever works.
> I am running Cyrus and Sasl 2.1.15 on top of SuSE Linux (enterprise server 8).
> Uses will (mainly) access cyrus via horde/imp webmail.
> Can anyone give a simple HOWTO for this ?
> Many thanks.
> Alain Williams
> #include <std_disclaimer.h>
> FATHERS-4-JUSTICE - Campaigning for equal rights for parents and the
> best interests of our children. See http://www.fathers-4-justice.org
Etienne Goyer Linux Québec Technologies Inc.
http://www.LinuxQuebec.com etienne.goyer at linuxquebec.com
More information about the Info-cyrus