I am not aware of anyone who has been able to get this to work. I have not spent time analyzing the situation but the fundamental cause of the problem appears to be a failure either to obtain PAC information in the cross-realm service ticket which Exchange requires; or a failure of the user principal name to belong to a realm in which Exchange can then lookup additional information within the Active Directory.
Whichever the cause it does appear that Exchange was designed to be a Microsoft only solution. Jeffrey Altman Subu Ayyagari wrote: > Is there anyone who has managed to use Exchange2003 > when Windows 2003 domain has a trust with unix Kerberos, > so that unix KDC provides authentication to all users? > >>From systems that are not part of the windows domain, > POP and IMAP connectivity to Exchange2003 just do not work. > OWA works using UPN ([EMAIL PROTECTED]) though. > > Appears the only way would be to have an out-of-band process > to syncup passwords between unix KDC and Windows ADS. > and throw out the cross-realm trust. > > Any suggestions/comments? > > -subu > email: [EMAIL PROTECTED] > > > > > > > > ________________________________________________ > Kerberos mailing list [EMAIL PROTECTED] > https://mailman.mit.edu/mailman/listinfo/kerberos > -- ----------------- This e-mail account is not read on a regular basis. Please send private responses to jaltman at mit dot edu ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
