>The basic Kerberos/IMAP setup seems to work...as I can authenticate, >and read mail. But IMAP cannot write to the user's AFS based Sent >folder. Nor can the user access any of their other AFS based mail >folders via IMAP.
My question to you is ... "how did this work before?" Authentication to a server (such as an IMAP server) doesn't mean that server gets the necessary Kerberos bits to do things like access AFS on behalf of that user; it just means it's proved that users identity via Kerberos. To actually provide access to AFS on a server, you need to forward over a copy of a user's TGT, and I don't think (a) any Kerberized IMAP clients will do that and (b) I don't think any IMAP servers would know what to do with a TGT that case. (I am presuming that when you say "Kerberos 5", you are NOT referring to "validating a plaintext password via a Kerberos 5 database"; if that's what you mean, then I think Doug's suggestions will point you on the right track). --Ken _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
