> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Ville Walveranta > Sent: Friday, 14 November 2008 4:29 PM > To: Postfix users > Subject: Re: Authenticating aginst ActiveDirectory? > > On Thu, Nov 13, 2008 at 10:32 PM, MacShane, Tracy > <[EMAIL PROTECTED]> wrote: > > I'm sorry, why do you need to sync passwords to relay mail to your > > Exchange servers? > > Actually there won't be an Exchange server any more; I'm > replacing it with Postfix. It's a small environment and there > isn't a dedicated server for Exchange available; it's been > sharing a server with AD which is a bad idea in the first > place. ...
Ahah, light dawns. > > > If you want AD users to logon to *nix boxes (which is nothing to do > > with mail services), enable Services for Unix on the AD, and setup > > LDAP authentication for the specified users in PAM. > > Perhaps this mechanism could be used for the mail > authentication as well in the above scenario. Postfix/Dovecot > should be able to do LDAP authentication via PAM > (http://www.dovecot.org/list/dovecot/2006-April/012454.html, > http://www.lxtreme.nl/index.pl/docs/linux/dovecot_postfix_pam). > > Ville > Yes, I certainly haven't had any problem with Unix services when enabling regular logons to a *nix server via AD authentication (I haven't tried Postfix/Dovecot authentication myself, but there's plenty of info for that, as you have found). It should certainly make your solution a lot simpler to implement.
