Enable GSSAPI/Kerberized IMAP

author Alex Dehnert <adehnert@mit.edu>

Wed, 31 Oct 2012 10:23:19 +0000 (06:23 -0400)

committer Alex Dehnert <adehnert@mit.edu>

Wed, 31 Oct 2012 10:23:43 +0000 (06:23 -0400)
author Alex Dehnert <adehnert@mit.edu>
Wed, 31 Oct 2012 10:23:19 +0000 (06:23 -0400)
committer Alex Dehnert <adehnert@mit.edu>
Wed, 31 Oct 2012 10:23:43 +0000 (06:23 -0400)
diff --git a/conf.d/10-auth.conf b/conf.d/10-auth.conf

index d08f3453511da807fe9f608407962b5c7fe866f1..beb6f73e693ca8fc7c0d0274f3f2c2270f1e0de2 100644 (file)
--- a/conf.d/10-auth.conf
+++ b/conf.d/10-auth.conf
@@ -72,7 +72,7 @@
  # Kerberos keytab to use for the GSSAPI mechanism. Will use the system
  # default (usually /etc/krb5.keytab) if not specified. You may need to change
  # the auth service to run as root to be able to read this file.
-#auth_krb5_keytab = 
+auth_krb5_keytab = /etc/dovecot/imap.keytab
  
  # Do NTLM and GSS-SPNEGO authentication using Samba's winbind daemon and
  # ntlm_auth helper. <doc/wiki/Authentication/Mechanisms/Winbind.txt>
@@ -96,7 +96,7 @@
  #   plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey
  #   gss-spnego
  # NOTE: See also disable_plaintext_auth setting.
-auth_mechanisms = plain
+auth_mechanisms = plain gssapi
  
  ##
  ## Password and user databases
author	Alex Dehnert <adehnert@mit.edu>
	Wed, 31 Oct 2012 10:23:19 +0000 (06:23 -0400)
committer	Alex Dehnert <adehnert@mit.edu>
	Wed, 31 Oct 2012 10:23:43 +0000 (06:23 -0400)