On Thu, Feb 03, 2011 at 01:17:02AM +0200, Timo Sirainen wrote: > > Postfix (the other half of my solution -- though the version I am using > > doesn't do SASL LDAP yet, but 2.9.x does) allows you, in the > > configuration, to set what environment variables it should not unset and > > even define new ones (an example -- import_environment = > > KRB5_KTNAME=/etc/dovecot/krb5.keytab). This may be a good solution for > > Dovecot specifically for things like this. > > Maybe.. But there haven't really been all that many uses for it.
Windows AD's LDAP server behaves by default in the same way, in that all LDAP must be authenticated - this makes alot of sense, IMHO. It would be nice to have LDAP out of the box support kerberos authentication using the machine principle setup by samba. Jason