File: Authentication.Mechanisms.Winbind.txt

Winbind mechanisms
==================

Dovecot supports the NTLM and GSS-SPNEGO authentication mechanisms using the
winbind daemon from Samba [http://www.samba.org]. This is useful when you need
to authenticate users against a Windows domain (either AD or NT).

By default, the NTLM mechanism is handled internally. You can use winbind
instead by setting:

---%<-------------------------------------------------------------------------
auth_use_winbind = yes
---%<-------------------------------------------------------------------------

The usernames returned by winbind can contain a domain part (either
"DOMAIN\user" or "user@example.com"). Such usernames are always transformed to
the form "user@domain". To strip the domain part (for example, to obtain the
corresponding local username), set:

---%<-------------------------------------------------------------------------
auth_username_format = %n
---%<-------------------------------------------------------------------------
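
The following is an added example, not part of the original page and not
Dovecot code. It models the transformation described above for the two
variables %u and %n, and lists which domain identities end up sharing one
local name once the domain part is stripped. The function names and the
sample usernames are constructed for illustration.

```python
# Added illustration: models the username handling described above.
# It is not Dovecot source code; all function names are hypothetical.
from collections import defaultdict


def normalize(winbind_name):
    """Map 'DOMAIN\\user' or 'user@domain' to the 'user@domain' form."""
    if "\\" in winbind_name:
        domain, user = winbind_name.split("\\", 1)
        return f"{user}@{domain}"
    return winbind_name  # already user@domain, or a bare user name


def apply_format(username, fmt):
    """Expand only %u (full name) and %n (user part before '@')."""
    user_part = username.split("@", 1)[0]
    return fmt.replace("%n", user_part).replace("%u", username)


def collisions(winbind_names, fmt):
    """Return {final name: [distinct identities]} for names shared by >1 identity."""
    seen = defaultdict(set)
    for name in winbind_names:
        full = normalize(name)
        seen[apply_format(full, fmt)].add(full)
    return {k: sorted(v) for k, v in seen.items() if len(v) > 1}


# Constructed sample names in the two forms winbind can return.
SAMPLE = ["CORP\\alice", "alice@example.com", "LAB\\bob", "bob@LAB"]

if __name__ == "__main__":
    for fmt in ("%u", "%n"):
        print(fmt, "->", collisions(SAMPLE, fmt))
```

With %n, accounts that have the same user part in different domains resolve to
the same local username, so check for such overlaps before stripping the
domain.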

Dovecot needs the path to Samba's 'ntlm_auth' binary to perform the
authentication. You can change the path with:

---%<-------------------------------------------------------------------------
auth_winbind_helper_path = /usr/bin/ntlm_auth
---%<-------------------------------------------------------------------------

Dovecot currently does blocking lookups, so if 'ntlm_auth' is slow to respond
(e.g. because of network problems), Dovecot blocks all other authentication
requests until the lookup has finished.

(This file was created from the wiki on 2019-06-19 12:42)