| Hello I configured 2x postfix instances which uses shared disk as mail storage and they act as MX server and smtp server at same time. First server mx0.example.com and mx1.example.com and smtp.example.com points to ip address of both servers. The service principal smtp/mx0.example....@example.com controlled by both hosts and saslauthd is also configured to use service keytab (entire system is managed by freeipa). If I use smtp.example.com (alias of service principal) to send emails I am getting following error: nov 28 23:44:21 mx0.example.com postfix/smtps/smtpd[6110]: GSSAPI server step 1 nov 28 23:44:21 mx0.example.com postfix/smtps/smtpd[6110]: warning: SASL authentication failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Request ticket server smtp/smtp.example....@example.com found in keytab but does not match server principal smtp/mx0.example.com@) nov 28 23:44:21 mx0.example.com postfix/smtps/smtpd[6110]: warning: [xxx.xxx.xxx.xxx]: SASL GSSAPI authentication failed: authentication failure If I use mx0.example.com (primary alias of service principal) I can send emails easily. Currently I am using plain auth as workaround to send emails. Does anyone have idea to solve/debug this? Anvar Kuchkartaev
an...@anvartay.com |
- Kerberos principal name mismatch Anvar Kuchkartaev
- Re: Kerberos principal name mismatch Viktor Dukhovni
