Cyrus -> PAM? -> Win2K authentication
Richard Hopkins
Richard.Hopkins at bristol.ac.uk
Thu Jan 9 08:08:59 EST 2003
--On Friday, July 12, 2002 12:25 PM -0400 Ken Murchison <ken at oceana.com>
wrote:
>
>
>> Chris Wiegand wrote:
>>
>> Is it possible to configure cyrus to authenticate (via PAM, possibly)
>> against a Win2000 Active Directory/Domain?
>
> We are currently usin pam_smb to auth against a NT4 box. I haven't
> tried it with 2000 yet, we are upgrading in the next few weeks.
>
We've been using pam_smb against a 2000 box for our Cyrus authentication
for a while, but have terrible problems with it from time to time. So, I
thought about trying pam_krb5 instead. I had hoped that (with the necessary
underlying OS configuration done - verified by being able to login using
telnet and ftp) it would simply be a case of changing the references to
pam_smb in the pam.conf file (Cyrus platform is Solaris 8) to pam_krb5 and
away we'd go. Not so, though; authentication always fails and what I see
logged is...
Jan 9 12:57:15 tench PAM: [ID 705685 auth.debug] PAM-KRB5:
pam_sm_authenticate
Jan 9 12:57:15 tench PAM: [ID 729219 auth.debug] PAM-KRB5: pam_sm_auth
prompting for password
Jan 9 12:57:15 tench PAM: [ID 427203 auth.debug] pam_authenticate: error
Authentication failed
...logged
Does anyone know what the problem(s) might be?
Cheers,
Richard Hopkins,
Information Services,
Computer Centre,
University of Bristol,
Bristol, BS8 1UD, UK
Tel +44 117 928 7859
Fax +44 117 929 1576
More information about the Info-cyrus
mailing list