Hi!, I'm installing a Zimbra server to authenticate using SSO against FreeIPA. When when trying to access I'm getting an error which makes me think that probably I forget set something else in FreeIPA configuration.
Because I'm a newbie with using FreeIPA. And when I configured SSO with existing Kerberos installation it worked. So surely the mistake is mine to configure something on FreeIPA. I tell some details about it but if you need more information y can share it with all you. As a client to access via GSSAPI use Thunderbird. The error I get: "The Kerberos/GSSAPI ticket was not accepted by the IMAP server usu...@fi.example.com. Please check that you are logged in to the Kerberos/GSSAPI realm". Steps to Reproduce in FreeIPA: 1) I add the entry to the imap service by Identity Management. In Services HBAC add imap/fi.example....@fi.example.com. By clicking on it. I get the following information about status: - Key current Kerberos Service provided - Service Certificate: Certificate not valid 2) I got the keytab which is then used in the installation of Zimbra as follows: ipa-getkeytab freeipafi.example.com -p -s imap / zimbrafreeipa.fi.example.com -k /tmp/keytab/ticket.keytab Thanks for any help or clarification. Greetings!. -- Maria José
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project