On Thu, May 13, 2010 at 01:07:00PM -0400, Matt Hayes wrote:
> > You'll also need keys for "host/<servername>@EXAMPLE.COM" where
> > "EXAMPLE.COM" is your AD Kerberos realm and "servername" is the hostname
> > of your Postfix SMTP server. These should be in /etc/krb5.keytab.
> >
>
> *bows before the master*
Not necessary. If you don't have any experience setting up Unix systems
as Kerberos clients of Active Directory, this will take a bit of time
to figure out... Good luck!
IF your Unix nodes are already Kerberos enabled, but Unix uses a different
realm, things can get a lot more complicated, since PAM will want to
authenticate users in the "local" realm, getting PAM to work in a
cross-realm environment is not something I've yet tried to do.
--
Viktor.
P.S. Morgan Stanley is looking for a New York City based, Senior Unix
system/email administrator to architect and sustain our perimeter email
environment. If you are interested, please drop me a note.
