-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Sat, 2 Dec 2017, Mark Foley wrote:
I have a Samba4 Active Directory server. Dovecot authenticates AD Users with
domain credentials
using GSSAPI (Thunderbird client). I believe I have Dovecot set to attempt
authentication via
^^^^^^^^^^ ????
shadow first and. failing that, it does authenticate via GSSAPI.
Smartphones connect to Dovecot via port 143 and SSL. They are not domain
members so if the
shadow authentication fails, no other methods are tried and no connection is
made.
What can I do with my dovecot config to fix this?
If you are asking about how to auth against AD with plain credentials, see
https://wiki2.dovecot.org/AuthDatabase/LDAP
You can add another passdb {} . However, this enables any client to use
plain credentials, incl. Thunderbird.
- --
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEVAwUBWi4pxMQnQQNheMxiAQJeKQf/UmSsc1YRSgPAJKEjB12lJCpCX2oj8Wfd
qV9by9tyU942gNsAArBzMaSxgRWYb8yr6lmuPer0/HZJCQyExchjGgzc/HDeMJPU
uxt0dOVvY4SXmfwv+phwlDO3UvDt5sagLNNx54v8nal+OIxAZ+juAxs/NiNPTlt+
78R7TGaRj6Fxoyc/Ssf1CbCVr2ECK6m1YtJ+Jpe6Zi5FPMndx9rwWj/MMp5CW93/
UDUMM2wWoYBavzBXIEVb8Xi9n7PYJH8kdA4YILQdNrYTQR5k6XDLsKH9UYc/n216
CjktUGSC75E3zUk8a665gDJ+D/CjPfJSz/DICgkIeGAzweUfvVZk3Q==
=L5oG
-----END PGP SIGNATURE-----
