Cyrus & Active Directory
Paul Boven
p.boven at chello.nl
Sat Jul 8 09:06:54 EDT 2006
Hi everyone,
Nikola Milutinovic wrote:
>> Does anyone have a working recipe for getting Cyrus to authenticate
>> via Active Directory? I would greatly appreciate any assistance
>> you can offer.
> I have tried my best to integrate Cyrus IMAP into ADS properly, but
> have almost always fallen short. My colleague and I have managed to
> get AUTH PLAIN to work, via SASLAuth Daemon, using LDAP.
> My further attempt to use GSSAPI/Kerberos5 were met with limited
> success. Kerberos5 works, I created a service account in ADS (a
> normal user-like account), created and extracted a Kerberos5 key for
> IMAP/my.host.name at MY.REALM and I was able to use "cyradm" and
> authenticate via Kerberos against ADS. Unfortunately, the only client
> I was able to make use this mechanism was Thunderbird 1.5 on SuSE
> Linux 10.0. All other clients, including Outlook Express, failed to
> connect from a Windows workstation.
I've setup a working Cyrus/Sendmail/Active directory integration about
two years ago which has been working near flawlessly. I did a
presentation about it at the Dutch NLUUG conference in may 2005. The
paper unfortunatly is in Dutch, but if there's enough interest I could
translate it. Hopefully the code-examples provide enough of a lead already.
http://home.sara.nl/~boven/cyrus-sendmail-ads
Regards, Paul Boven.
More information about the Info-cyrus
mailing list