We have been happily using Washington imap and pop for several years on Solaris, using NIS authentication. We are in the process of making two migrations: (1) from Solaris towards Linux (2) from NIS authentication towards Active Directory (via PAM/krb5) authentication. So that's four combinations.
1. Solaris/NIS: Fine; using for years; 2. Linux/NIS: Fine; using for a few months; 3. Solaris/AD-via-PAM: Fine (PAM only uses perm_krb5 not pam_unix; verified on accounts with deliberately different NIS and AD passwords); 4. Linux/AD: Trouble. Following the FAQ (PAM for plaintext passwords) I rebuilt with "make lnp". But neither password works. Have tried versions imap-2002c1 and imap-2002e. (The other services on the box (telnet, rlogin, etc.) are fine: "/etc/pam.d/system-auth" has, for the moment, been set to accept either password.) In debugging this Linux/AD, I determined that in "src/osdep/unix/ckp_pam.c": if ((pam_start ((char *) mail_parameters (NIL,GET_SERVICENAME,NIL), pw->pw_name,&conv,&hdl) != PAM_SUCCESS) || (pam_set_item (hdl,PAM_RHOST,tcp_clientaddr ()) != PAM_SUCCESS) || (pam_authenticate (hdl,NIL) != PAM_SUCCESS) || (pam_acct_mgmt (hdl,NIL) != PAM_SUCCESS) || (pam_setcred (hdl,PAM_ESTABLISH_CRED) != PAM_SUCCESS)) { "pam_start()" and the first "pam_set_item()" were succeeding, but that "pam_authenticate()" fails. Further, I suspect that "checkpw_conv()" (part of the "&conv" argument) is not being called (it didn't stop at a breakpoint on the routine, whereas it does on (working) Solaris/AD). [ System details: /etc/redhat-release: Red Hat Linux release 9 (Shrike) uname -a: Linux pluto2 2.4.20-19.9smp #1 SMP Tue Jul 15 17:04:18 EDT 2003 i686 i686 i386 GNU/Linux cc --version: cc (GCC) 3.2.2 20030222 (Red Hat Linux 3.2.2-5) ] Any thoughts, tips, hints etc. and what I might have missed? (Or known bugs/issues, etc.?) -- : David Lee I.T. Service : : Systems Programmer Computer Centre : : University of Durham : : http://www.dur.ac.uk/t.d.lee/ South Road : : Durham : : Phone: +44 191 334 2752 U.K. : -- ------------------------------------------------------------------ For information about this mailing list, and its archives, see: http://www.washington.edu/imap/c-client-list.html ------------------------------------------------------------------