[Freeipa-users] Dovecot imap authentication with IPA/Kerberos

Dale Macartney dale at themacartneyclan.com
Mon Jan 30 13:10:47 UTC 2012 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Thanks Ondrej,

although not directly the cause you did manage to get me in the right
direction.

selinux and permissions were fine, it was actually tailing to locate the
mailbox... i went through quite a few logs to find out that the auth
requests were actually successful to IPA..

one extra line was needed in dovecot.conf to allow it to work. However
this was not an ipa issue at all.

mail_location = mbox:~/mail:INBOX=/var/mail/%u

Clearly dovecot was looking in the wrong location for a mail file.

Cheers

Dale



On 01/30/2012 12:45 PM, Ondrej Valousek wrote:
> Dovecot is not running as root -> can't read your krb5.keytab...?
>
> On 01/30/2012 01:16 PM, Dale Macartney wrote:
> Hi all
>
> I'm working on a test lab setup at the moment with RHEL 6.2 running IPA
> 2.1 and experimenting with simple mail server setups. .
>
> I have mail being received base on pam lookups from IPA. The mail server
> is tapped into IPA via the ipa-client-install.
>
> I am using a default install of the dovecot rpm from RHN, and dovecot is
> listening via imap/imaps, however all authentication requests fail when
> attempting to login via imap..
>
> I added the necessary keytabs for imap/mail.example.com and
> imaps/mail.example.com to /etc/krb5.keytab but this hasn't allowed
> authentication.
>
> has anyone set up dovecot through IPA before? Any recommendations?
>
>
> thanks all
>
> Dale
>
>
>>
>>
>> _______________________________________________
>> Freeipa-users mailing list
>> Freeipa-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>
> -------------------------
> Proud winners of the prestigious Irish Software Exporter Award 2011
from Irish Exporters Association (IEA). Please, refer to our web site
for more details regarding the award.
> -------------------------
> The information contained in this e-mail and in any attachments is
confidential and is designated solely for the attention of the intended
recipient(s). If you are not an intended recipient, you must not use,
disclose, copy, distribute or retain this e-mail or any part thereof. If
you have received this e-mail in error, please notify the sender by
return e-mail and delete all copies of this e-mail from your computer
system(s). Please direct any additional queries to:
communications at s3group.com. Thank You. Silicon and Software Systems
Limited. Registered in Ireland no. 378073. Registered Office: South
County Business Park, Leopardstown, Dublin 18
> -------------------------
>
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJPJpbOAAoJEAJsWS61tB+qVr0P+wWAyTGvYAPiTOULdY/zAvyM
Tn6Of0Sz+/HMJCiLZuajGuIprnqkJqt9XW7a3pwAN9zrFp3J3hQb2ObljcqcBro/
7L6WRJQODp3wAG327kyrPOz97GpAY7WSujiO3+9KhASy7To1Lt/9VMUQJ8f4nzT5
6hzRJJG3js+gTNusuXz9dhN+NmsWcJOAfTYIM+n5jf5crg/UqnpzugVb34ZH8n6D
NPfG5i/ATWfvTavaF7JsOmBiWaNVAmYZ+zBWEMxjmRdOn2GdWS1ZC2p3+L3fvV2F
lkVv2k5RB1dvk6ncYp4BnBUIxRJKVCqeG10ENtMJU+4vY4rjJ0kv9wQOVgFICuhM
XyRyNj6U5oVNIcGm25C6j7nphUY7EzTub7Ftg659Ar4KMXV8Db7Rb2moebzFRU4Z
Ri/sRal6+Nbwt2VmICVf3yMADXhJ4yPPF/ZMMDG6TlBZ5DfEVJ4PpUQt5nzjXchF
hZ4okKyuMuiZqfo1V+8HCmVBSYaGnTHhfJouvJibIdOu5Y72ES8zPnR714siMSRG
0a+/hv9MzDiFW9IKF/tmE2emWk9DK0d1h2N2MnN91BqnqJCNq+Oh7/2FmQsOkBOW
+hL3fGiShYgedfCm7yF7B+1vvYLbLTgbu1g3WwiqqISehg5sUGeOehSgGFJyh3dc
InOQ0uG0nRKbEJxYQzdB
=/A/H
-----END PGP SIGNATURE-----

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120130/c7b9b108/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0xB5B41FAA.asc
Type: application/pgp-keys
Size: 5790 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120130/c7b9b108/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0xB5B41FAA.asc.sig
Type: application/pgp-signature
Size: 543 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120130/c7b9b108/attachment.sig>

More information about the Freeipa-users mailing list