On (12/09/17 09:24), Edouard Guigné wrote:
Hello dear SSSD Users,
I would like to get informations concerning postfix cyrus sasl vs sssd
My goal is that users using my mail server (postfix and imap server cyrus) to
be able to authenticate against AD.
It suppose postfix and cyrus configured with sasl, and sasl configured to use
Pam should be configured to use SSSD against AD....
[Postfix / Cyrus <==> sasl (pam) <==> SSSD] .... <===> [MY Microsoft
Server Active Directory]
I would like to know if someone has already used this configuration. Does it
If yes, may you explain me the packages to install on centos 7, and the file
saslauthd.conf ? cyrusd.conf ? main.cf (postfix)
I think I could as well use FreeIPA instead of Windows AD server, if SSSD is
configured in this way.
But I am not very used with FreeIPA and AD trust for the moment.
Otherwise, I found this link
This explains how to configure against ldap backend. I intend to do the same,
with AD server instead of Ldap.
That blog post mentioned testsaslauthd utility which might and it works for me
quite good. (I had sssd already configured)
So I just started saslauthd.service and configure "imap" pam service
sh# systemctl start saslauthd
sh# vi /etc/pam.d/imap
sh$ testsaslauthd -u testuser -p SecretPassword
0: OK "Success."
and journald contained info about success
Sep 13 16:34:18 host.example.com
authentication success; logname= uid=0 euid=0 tty= ruser= rhost=
I am not sure how to help more