On 02/02/2011 04:17 PM, Timo Sirainen wrote: > > It does set that, but only on first GSSAPI authentication. I guess it > wouldn't hurt moving it to do it always. If that script helps you, I can > do this change. It appears that the script you recommended doesn't do the trick. Does /usr/libexec/dovecot/auth clear the environment. Even doing it manually from the command line the openldap stuff doesn't seem to pick up the KRB5_KTNAME environment variable.
I can kinit on the command line and get auth to work, but the kinit doesn't hold over to the dovecot process (for good reasons I am sure). Some how this needs to be fixed so that GSSAPI through SASL will work. I am not sure where to go from here as I am learning LDAP as I mess with this stuff. Is there anyone on the list who has any ideas? (I would prefer this be service principals as well, if possible.) Thank you, Trever Adams -- "All this technology has somehow made you a stranger in your own land." -- Robert M. Pirsig
signature.asc
Description: OpenPGP digital signature
