GSSAPI for various murder component setups

Dan White dwhite at
Wed Jun 20 09:29:59 EDT 2012

On 06/19/12 19:04 -0700, Stephen Ingram wrote:
>Thank you for your continued help with this. I really appreciate it
>and am determined to get to the end of this.
>I think I'm getting closer. I have successfully authenticated using
>mupdatetest from one of the backends to the mupdate server. I'm using
>service principals on both ends. I've even specified the
>imap/ part of the principal in the admins: section of
>the configuration and after solving several configuration issues on my
>end, it seems to work! I came across a post from you some time ago
>talking about /etc/krb.equiv. Would this be an easier way to do this?
>I tried placing that file on the mupdate server and loaded it with
>imap/ imap1 and then placed admins: imap1 in my
>imapd.conf file, but I'm not sure if it works. Do I have to tell cyrus
>about that file somewhere?

I have not used /etc/krb.equiv before, but the last time I dug into the
code trying to understand it, I came away with the impression that it's
used for kerberosv4 only. Apparently it would be a way to map
'imap/' to 'imap1'. It might work just as well to just
place 'imap/' or 'imap/ at EXAMPLE.COM' into
your proxyservers/*_admins entries.

I know that this format works, because it's what I currently have in my
config: at EXAMPLE.NET

Dan White

More information about the Info-cyrus mailing list