[Freeipa-users] Introduction and question regarding SMTP/IMAP
Dave Gonzalez
dgonzalezh at gmail.com
Sun Jun 22 16:41:36 UTC 2014
Hello there everyone David here,
I'm big time Red Hat fan, I work for a company where we have a small 20+
people directory, I'm currently using Samba4 to offer authentication to
Openfire, Postfix, Dovecot (using GroupOffice); but I want to switch
ebcause samba is a hassle to setup and whenever replication breaks it's
nearly impossible to rebuild, anyways, My current environment is Proxmox
VE 3 as virtualization platform and many CentOS/RedHat Servers holding
my services.
Please excuse me if this was already answered but after I went trhough
the archives I coulnd't find anyone facing the same issue, please bear
with me as I'm a newbie to FreeIPA and LDAP. I know I'm missing
something or doing it wrong but after a week struggling with this setup
I decided to call for the help of the experts.
My environment:
FreeIPA Server
CentOS 6.5 x86_64
Mail Server
CentOS 6.5
postfix-2.6.6-6.el6_5.x86_64
dovecot-2.0.9-7.el6.x86_64
ipa-python-3.0.0-37.el6.x86_64
ipa-client-3.0.0-37.el6.x86_64
python-iniparse-0.3.1-2.1.el6.noarch
libipa_hbac-1.9.2-129.el6_5.4.x86_64
libipa_hbac-python-1.9.2-129.el6_5.4.x86_64
I've followed these posts from Dale McCartney, whom I've also read his
posts around here
https://www.dalemacartney.com/2013/03/14/deploying-postfix-with-ldap-freeipa-virtual-aliases-and-kerberos-authentication/
http://www.freeipa.org/page/Dovecot_Integration
None of them seem to work at the moment when using Thunderbird with the
server set up as STARTLS Kerberos/GSSAPI -- Thunderbird also reports that
<quote>
"The kerberos/GSSAPI ticket was not accepted by the IMAP server
david at domain.com. Please chack that you're logged in to the
Kerberos/GSSAPI realm"
</quote>
with Dovecot I'm getting this
<code>
Jun 22 11:01:25 imap-login: Info: Disconnected: Inactivity (no auth
attempts): rip=1.1.1.1, lip=217.1.2.3
</code>
I tried manual telnet and use a authenticate gssapi which retuns "+"
which means module is indeed loading and the server is gssapi ready for
the challenge.
If anyone of you could point me into the right direction I'd really
value that.
Thanks
--- Regards David G.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140622/561431f3/attachment.htm>
More information about the Freeipa-users
mailing list