On Tue, 21 Dec 2004, Aleksandar Milivojevic wrote:
saslauthd: auth_krb5: krb5_get_init_creds_password
saslauthd: do_auth : auth failure: [user=username] [service=imap] [realm=] [mech=kerberos5] [reason=saslauthd internal error]
Do you have a host/(hostname) key in the database?
OK, so I added host/hostname key. And the authentication against AD now works. I guess this step can't be skipped...
However, I have several AD domains. Is it possible to define list of users and to which domain (realm) they belong, so that they just type the username (which is guaranteed to be uniq across all realms in my case), and cyrus imapd/saslauthd autheticates against correct AD server?
If the only way is for the user to specify the realm (as in [EMAIL PROTECTED]) when logging in (which I'd rather avoid, if possible), I have another problem ;-)
When I type [EMAIL PROTECTED] in MUA, authentication goes well, but IMAPD responds with "invalid mailbox" message. Do I need to create (in this case) all mailboxes as [EMAIL PROTECTED] Or?
-- Aleksandar Milivojevic <[EMAIL PROTECTED]> Pollard Banknote Limited Systems Administrator 1499 Buffalo Place Tel: (204) 474-2323 ext 276 Winnipeg, MB R3T 1L7 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
