Andreas --> cyrus-sasl (2004-08-16 10:17:54 -0300):
> On Sat, Aug 14, 2004 at 05:57:55PM +0200, Jukka Salmi wrote:
> > On gssapi.html[4] it tells about environment variables used by the
> > kerberos libraries to determine the keytab file, i.e. KRB5_KTNAME for
> > Heimdal (which I can confirm to be
On Sat, Aug 14, 2004 at 05:57:55PM +0200, Jukka Salmi wrote:
> On gssapi.html[4] it tells about environment variables used by the
> kerberos libraries to determine the keytab file, i.e. KRB5_KTNAME for
> Heimdal (which I can confirm to be correct).
That variable only works for MIT as far as I know
(This discussion should be continued on the SASL list IMHO.)
Stephen --> info-cyrus (2004-08-15 02:32:00 +1200):
[...]
> Also, I tried exporting the keytab to a file /etc/krb5-cyrus.keytab, and
> added the line below to /etc/imapd.conf, but the imap server wouldn't
> respond to a keytab in /etc/
Sucess thanks, Jukka and Andreas.
Reporting back for anyone else...
I stumbled over "imtest -a cyrus -m gssapi -p imap2 localhost" for a
moment, until I used the fqdn of the imap server, "imtest -a cyrus -m
gssapi -p imap2 silver.acme.co.nz" . I used the -a switch with imtest
for gssapi to w
On Fri, Aug 13, 2004 at 10:09:32AM +1200, Stephen wrote:
> I guess it'll help a lot if I add some config files. I'm running gentoo.
> Domain names and realms changed to protect the innocent.
>
> I've added imap/kerberos.acme.co.nz to the keytab file and changed
> ownership to cyrus.
>
> I'm won
On Fri, Aug 13, 2004 at 09:26:30AM +1200, Stephen wrote:
> Thanks for that, Andreas
>
> By the way, what have you got "sasl_pwcheck_method" set to in
> /etc/imapd.conf?
auxprop (because I also use digest-md5 and cram-md5, not just gssapi)
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus
Stephen --> info-cyrus (2004-08-13 10:09:32 +1200):
> I'm wondering if sasl_pwcheck_method in /etc/imapd.conf should be
> changed if one requires gssapi authentication. I tried setting it to
> "gssapi" but it didn't help. What should be value be?
Quoting imapd.conf(5):
sasl_pwcheck_meth
I guess it'll help a lot if I add some config files. I'm running gentoo.
Domain names and realms changed to protect the innocent.
I've added imap/kerberos.acme.co.nz to the keytab file and changed
ownership to cyrus.
I'm wondering if sasl_pwcheck_method in /etc/imapd.conf should be
changed if
Thanks for that, Andreas
By the way, what have you got "sasl_pwcheck_method" set to in
/etc/imapd.conf?
Cheers
Stephen
Andreas wrote:
On Thu, Aug 12, 2004 at 01:10:05PM +1200, Stephen wrote:
3. The missing piece is how to link cyrus-imap and GSSAPI. Kerberos
is operationa
Andreas --> info-cyrus (2004-08-12 10:11:26 -0300):
> On Thu, Aug 12, 2004 at 01:10:05PM +1200, Stephen wrote:
> > 3. The missing piece is how to link cyrus-imap and GSSAPI. Kerberos
> > is operational and I have tried
> > "addprinc -randkey host/kerberos.ourdomain" and then "ktadd
> >
On Thu, Aug 12, 2004 at 01:10:05PM +1200, Stephen wrote:
> 3. The missing piece is how to link cyrus-imap and GSSAPI. Kerberos
> is operational and I have tried
> "addprinc -randkey host/kerberos.ourdomain" and then "ktadd
> host/kerberos.ourdomain", but still can't authenticate.
11 matches
Mail list logo
