On Sun, 2009-08-30 at 14:29 -0600, Jason Gunthorpe wrote: > The kerberos setup is pretty easy.. 'net ads join' your server, go > into the adsi editor and provide a imap and smtp SPN for the host, use > 'net ads keytab' to put the imap and smtp SPNs in the system keytab, > and then you are good to go. I test it with mutt first as the error > messages are somewhat better.
Ouch, can you go a little more slowly, please? I think I've joined the domain OK: ccimap:~# net ads testjoin Join is OK ccimap:~# net ads info LDAP server: 10.6.1.245 LDAP server name: orwell.ad.laterooms.com [...] But I have no idea how / where you add a service principal with ADSIEdit - can you point me in the right direction? Kerberos is still mainly a mystery to me (and I'm sure many others!) gdh
