292831Re: GSSAPI SMTPD Authentication and MS Active Directory
- Apr 24, 2013--On Wednesday, April 24, 2013 5:35 PM -0700 Matthew Larsen
>If you replaced Exchange 2003 with Zimbra, and set up external auth to your
> I'm working on a project to replace an Exchange 2003 server that is only
> still around these days because we have lots of SMTP clients around the
> country that use it as an SMTP relay. It only relays messages for
> clients authenticated by our Active Directory domain. Members of a
> group in the parent domain and a group in the child domain are given
> relay permissions for this server.
AD server, then it would use the custom zimbra authentication method for
cyrus-sasl to auth your clients against AD. I don't know what you intend
on replacing Exchange with though, so that may be a bit more than you want.
But it is a solution.
If you want to use SASL/GSSAPI, the clients have to be able to get a TGT
from the KDC.
Alternatively, you could just do straight ldap authentication against AD,
instead of Kerberos-AD, something like:
Sr. Member of Technical Staff
A Division of VMware, Inc.
Zimbra :: the leader in open source messaging and collaboration
- << Previous post in topic Next post in topic >>