Thanks a lot Viktor, I'm going check this!
________________________________
De: Viktor Dukhovni [via Postfix] <ml-node+s1071664n88894...@n5.nabble.com>
Enviado: quarta-feira, 15 de fevereiro de 2017 19:01:42
Para: luistkd4
Assunto: Re: Error authentication with NTLM
> On Feb 15, 2017, at 3:02 PM, luistkd4 <[hidden
> email]</user/SendEmail.jtp?type=node&node=88894&i=0>> wrote:
>
> Viktor I change my smtpd.com, follow:
>
> log_level: 7
> pwcheck_method: auxprop
> mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5 NTLM
> saslauthd_path: /var/run/saslauthd/mux
> ntlm_v2: yes
> ntlm_server: serverad.local
>
> ntlm_server i set my active directory, so now I can connect but have new
> error:
> SASL NTLM authentication failed: generic failure
>
> Maybe like you tell I need be member of windows domain?
Well, that's why I said it. What's more even with the host a member of the
domain, the process doing the NTLM check needs to have sufficient privilege
to access appropriate Windows credentials so that the Windows DC will allow
it to perform what amount to online dictionary attacks. Presumably the
Cyrus saslauthd (likely running as root) will have the relevant access and
the NTLM SASL module will know where to find the credentials, assuming that
the software you use to join the domain sets everything up in the way that
SASL expects.
You're getting yourself into a rather advanced configuration that requires
interoperability between many independently designed systems. Good luck!
--
Viktor.
________________________________
If you reply to this email, your message will be added to the discussion below:
http://postfix.1071664.n5.nabble.com/Error-authentication-with-NTLM-tp88865p88894.html
To start a new topic under Postfix Users, email
ml-node+s1071664n2...@n5.nabble.com
To unsubscribe from Error authentication with NTLM, click
here<http://postfix.1071664.n5.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=88865&code=bWlndWVsX2Zsb3Jlc19zYW50b3NAaG90bWFpbC5jb218ODg4NjV8LTYyMTk1MTUwMQ==>.
NAML<http://postfix.1071664.n5.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml>
--
View this message in context:
http://postfix.1071664.n5.nabble.com/Error-authentication-with-NTLM-tp88865p88895.html
Sent from the Postfix Users mailing list archive at Nabble.com.
