authentication using kerberos
Aleksandar Milivojevic
amilivojevic at pbl.ca
Wed Dec 22 17:12:54 EST 2004
Rob Siemborski wrote:
> On Tue, 21 Dec 2004, Aleksandar Milivojevic wrote:
>
>> saslauthd: auth_krb5: krb5_get_init_creds_password
>> saslauthd: do_auth : auth failure: [user=username] [service=imap]
>> [realm=] [mech=kerberos5] [reason=saslauthd internal error]
>
>
> Do you have a host/(hostname) key in the database?
OK, so I added host/hostname key. And the authentication against AD now
works. I guess this step can't be skipped...
However, I have several AD domains. Is it possible to define list of
users and to which domain (realm) they belong, so that they just type
the username (which is guaranteed to be uniq across all realms in my
case), and cyrus imapd/saslauthd autheticates against correct AD server?
If the only way is for the user to specify the realm (as in user at domain)
when logging in (which I'd rather avoid, if possible), I have another
problem ;-)
When I type user at domain in MUA, authentication goes well, but IMAPD
responds with "invalid mailbox" message. Do I need to create (in this
case) all mailboxes as user at domain? Or?
--
Aleksandar Milivojevic <amilivojevic at pbl.ca> Pollard Banknote Limited
Systems Administrator 1499 Buffalo Place
Tel: (204) 474-2323 ext 276 Winnipeg, MB R3T 1L7
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus
mailing list