[Dovecot] NTLM authentication woes
lars at skovgaarddesign.dk
Sat Dec 23 17:13:13 UTC 2006
I have set up dovecot to use a number of different authentication-
mechanisms, which are all working as expected from well-behaved
clients. However, MS Outlook on Windows and MS Entourage X on Mac OS
X refuse to connect using NTLM.
Outlook Express on Windows seems to be working fine, and NTLM
authentication works from within OS X Mail.app as well.
Turning on auth_debug and auth_verbose has led me to discover that MS
Outlook uses the users full name as login, instead of whatever is
entered in the account-information - if the user "John Doe" has the
login "jd at domain.com", Outlook sends "John Doe" instead. This of
course fails. Strangely enough, if I turn off "Use Secure
Authentication" from within Outlook, the login-name from the account-
information is used as it should be.
From MS Entourage, the problem is similar but not identical. Here,
the login is sent as "jd at domain.com/jd".
I have worked around the problem for now by instructing my clients to
use SSL-connections and disabling "Secure Authentication", but would
like for everyone to be able to log on without using SSL (due to the
returning questions regarding my self-signed certificate).
Can anyone shed some light on why the MS apps refuse to behave?
Thanks in advance!
PS: I wish you all a merry christmas and a happy new year! :o)
More information about the dovecot