Exim 4 and GSSAPI
Ing. Tomáš Kala
kala at barbucha.eu
Thu Nov 14 14:27:26 GMT 2024
Greetings,
I still looking for a guide, how to set up Exim 4 with GSSAPI
authentication, but all I've found, is too old. The method is mentioned
only. The Wiki page <https://github.com/Exim/exim/wiki/Authentication>
does provide information about GSSAPI neither. What Kerberos is
supported? MIT or Heimdal? Does Exim forward the ticket to SASLAUTHD in
background or does Exim check it on its behalf?
Name and password authentication is forwarded to SASLAUTHD, that can I
see in its log. But when I try to use GSSAPI, I keep getting on client side:
-- 535 Incorrect authentication data
gsasl: Serverfehler
And in Exim log: gssapi_server authenticator (gssapi): Cyrus SASL
username fetch problem: generic failure. However, that message appears
in case of wrong name or password too. The difference is, that SASLAUTHD
does not indicate any reaction or interaction with Exim4 in case of
Kerberos ticket. (I use the MIT Kerberos and Samba 4 as AD DC.)
Is there either a guide or is the solution already obsolete? (My
previous working configuration was from 2016.) Could Dovecot
authentication backend instead of SASL help me? Dovecot works well with
GSSAPI. But neither any howto found.
Thanks a lot and have a nice day
TK, Barbucha.EU
More information about the Pkg-exim4-users
mailing list