kerberos and smartphone clients

Nikolay Shopik shopik at inblock.ru
Tue Feb 9 12:21:07 EST 2010


On 09.02.2010 18:08, Luke Scharf wrote:
> If you're using virtual users on the e-mail server, then saslauthd can
> be configured to attempt to log in to Kerberos to see if the password is
> valid instead of PAM.  This is an application-level way to check
> credentials, as opposed to a system-level method like PAM -- so if your
> users don't show up in getent, then saslauthd is the way to go.  But
> your e-mail server-daemon needs to be aware of how to use saslauthd --
> most popular e-mail servers are, and if your e-mail server is flexible
> enough to use GSSAPI, it would probably can use SASL, too.

Thanks Luke, saslauthd is what I'm actually looking for.



More information about the Kerberos mailing list