I wrote something about this to the list earlier. See my message in the archive:
http://asg.web.cmu.edu/archive/message.php?mailbox=archive.info-cyrus&msg=1 2045 Michael --On Sunday, January 27, 2002 19:56:08 -0600 Adam Thornton <[EMAIL PROTECTED]> wrote: > Here's my situation: > > I want to use Cyrus imapd to handle mail in AFS space; I'm using OpenAFS > 1.2.2, which is roughly equivalent to Transarc 3.6. > > I'd like to have Cyrus use the pts server for its ACLs, since I already > have working ACLS and it makes my life a lot easier. I also have no > reason to keep my users in /etc/passwd, since I'll be spreading mail > across a bunch of machines, so I really want to authenticate against > Kerberos, not /etc/passwd. The principals all look like v4 principals > (because they're intended for use with AFS), but they really do live in > K5 space: > > I'm not really running Kerberos IV; instead I'm using MIT krb5 1.2.2, > and using the MIT krb524d to convert tickets. All that works fine. > > I was able to convince SASL-2.1.0 to build against the KerberosIV > libraries, but not saslauthd, largely (I think) because the des.h in K4 > gets along extremely poorly with the des.h in OpenSSL. > > Once I turn to imapd itself, I can more or less bully things into > compiling, except for ipop3d, which gets upset over the krb.h in > /usr/local/include/kerberosIV. > > My question is: is there anyone else out there using Cyrus imapd in > conjunction with user homes and folders in AFS-space, and if so, is > there anybody doing with with a krb5 implementation, rather than v4, > under the covers? Am I even on the right track with what I'm trying to > do? > > Adam > >
