- Previous message: Nikola Milutinovic: "Re: Cyrus & Active Directory"
- Maybe in reply to: Chris Hilts: "Cyrus & Active Directory"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
|
|
|
From: Paul Boven (no email)
Date: Sat Jul 08 2006 - 09:06:54 EDT
Hi everyone,
Nikola Milutinovic wrote:
>> Does anyone have a working recipe for getting Cyrus to authenticate
>> via Active Directory? I would greatly appreciate any assistance
>> you can offer.
> I have tried my best to integrate Cyrus IMAP into ADS properly, but
> have almost always fallen short. My colleague and I have managed to
> get AUTH PLAIN to work, via SASLAuth Daemon, using LDAP.
> My further attempt to use GSSAPI/Kerberos5 were met with limited
> success. Kerberos5 works, I created a service account in ADS (a
> normal user-like account), created and extracted a Kerberos5 key for
> IMAP/ and I was able to use "cyradm" and
> authenticate via Kerberos against ADS. Unfortunately, the only client
> I was able to make use this mechanism was Thunderbird 1.5 on SuSE
> Linux 10.0. All other clients, including Outlook Express, failed to
> connect from a Windows workstation.
I've setup a working Cyrus/Sendmail/Active directory integration about
two years ago which has been working near flawlessly. I did a
presentation about it at the Dutch NLUUG conference in may 2005. The
paper unfortunatly is in Dutch, but if there's enough interest I could
translate it. Hopefully the code-examples provide enough of a lead already.
http://home.sara.nl/~boven/cyrus-sendmail-ads
Regards, Paul Boven.
---- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
|
|
|