[Dovecot] GSSAPI and virtual Users?
Timo Sirainen
tss at iki.fi
Sat Mar 25 12:24:48 EET 2006
On Wed, 2006-03-15 at 16:32 +0100, Jelmer Vernooij wrote:
> On Wed, Mar 15, 2006 at 04:23:05PM +0100, S. Thias wrote:
> > is there a possibility to map login-names to allowed
> > Kerberos-Principals? At the moment GSSAPI-authentication seems to work
> > only if loginname and kerberos-principal are the same, or am I missing
> > something?
> I'm afraid that at the moment, that's not (yet) possible.
I added now a pass=yes option to passdbs. This allows doing the
conversion using eg.:
passdb passwd-file {
args = /etc/imap.users
pass = yes
}
Where the imap.users file would contain entries like:
imapuser:::::::user=realuser
Or it could be done with SQL, LDAP or whatever.
Now if only the GSSAPI code could somehow be told to do these passdb
lookups. :) Maybe it should do it always for pass=yes passdbs? I'm not
really sure..
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20060325/2a27de64/attachment.pgp
More information about the dovecot
mailing list