From: Roland Pope (no email)
Date: Thu Mar 06 2003 - 17:26:43 EST
Hi,
I am running cyrus-imapd 2.1.12 on a RedHat 7.3 box and have been using
pam_smb via saslauthd to authenticate my outlook clients. Now that our DC's
are running Win2k, I would like to use kerberos under AD to do my auth.
I can get things working by changing the pam_smb_auth library in
/etc/pam.d/imap to pam_krb5.so which is good. The question I have is, is
there a way of caching credentials? The pam_krb5.so library appears to
support cached credentials, and when I log in using SSH and pam_krb5, a
cached credentials file is created in /tmp. But when I login to IMAP via
saslauthd->pam->kerberos, no file is created. The end result of this is that
I get a kerberos TGT with every login. Is there any way around this that
people are aware of?
I'm just trying to reduce the auth load on my DC's.
Thanks
Roland
|
|
|