On Wed, 2011-02-02 at 14:29 -0700, Trever L. Adams wrote:
> dn = smtp/mailhost.example....@example.org
> sasl_bind = yes
> sasl_mech = GSSAPI
> sasl_realm = EXAMPLE.ORG
> sasl_authz_id = smtp/mailhost.example....@example.org
LDAP SASL authentication goes through Cyrus SASL library, nothing
Dovecot can do about it, except for me to write my own LDAP library.
> Additionally, I have "auth_krb5_keytab = /etc/dovecot/krb5.keytab" setup
> for the GSSAPI user login.
So this setting is never used. If that's the problem, you could try if
you can work around it in a bit kludgy way:
service auth {
executable = /usr/local/bin/auth-wrapper.sh
}
Which contains:
#!/bin/sh
export KRB5_KTNAME=/etc/dovecot/krb5.keytab
exec /usr/local/libexec/dovecot/auth -k
