I'm installing a Zimbra server to authenticate using SSO against FreeIPA.
When when trying to access I'm getting an error which makes me think that
probably I forget set something else in FreeIPA configuration.
Because I'm a newbie with using FreeIPA.
And when I configured SSO with existing Kerberos installation it worked.
So surely the mistake is mine to configure something on FreeIPA.
I tell some details about it but if you need more information y can share
it with all you.
As a client to access via GSSAPI use Thunderbird.
The error I get:
"The Kerberos/GSSAPI ticket was not accepted by the IMAP server
Please check that you are logged in to the Kerberos/GSSAPI realm".
Steps to Reproduce in FreeIPA:
1) I add the entry to the imap service by Identity Management.
In Services HBAC add imap/fi.example....@fi.example.com.
By clicking on it.
I get the following information about status:
- Key current Kerberos Service provided
- Service Certificate: Certificate not valid
2) I got the keytab which is then used in the installation of Zimbra as
ipa-getkeytab freeipafi.example.com -p -s imap /
zimbrafreeipa.fi.example.com -k /tmp/keytab/ticket.keytab
Thanks for any help or clarification.
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project