Secure authtentication (SPA) with MS Outlook 2002?
Ken Murchison
ken at oceana.com
Tue Oct 26 07:29:12 EDT 2004
sam wun wrote:
> Roland Pope wrote:
>
>> ----- Original Message ----- From: "sam wun" <sam.wun at authtec.net>
>>
>>
>>> Do you know how to configure imapd.conf to support NTLM authentication?
>>>
>>
>> You need to have the SASL NTLM plugin in your SASL plugins directory
>> (/usr/lib/sasl2/libntlm.so under RedHat Linux). If it's not there,
>> you will
>> need to recompile SASL with --enable-ntlm set.
>> To enable IMAP use of NTLM you can use 'sasl_mech_list: NTLM' and
>> 'sasl_ntlm_server: mywindowsdc' (where 'mywindowsdc' is the name of your
>> windows domain controller), in your imapd.conf file.
>>
>>
> There is one problem, there is no windows domain controller.
> The email gateway is a FreeBSD system. All email clients are
> authenticated thru this gateway.
You do not have to set sasl_ntlm_server. If not set, then the mail
server will generate its own challenges and verify the password from
whatever auxprop plugin you are using (e.g. sasldb).
sasl_ntlm_server is only used if you already have a windows domain
controller present and don't want to duplicate passwords.
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus
mailing list