Hi all, I've already addressed this with some of the Thunderbird developers and was directed here as it is believed it's a configuration problem, not a Thunderbird problem.
ERROR: Server does not support secure authentication (rephrased error message from Thunderbird dialog). More details on above error found via debugging settings: 10800[20cf170]: gss_init_sec_context() failed: Unspecified GSS failure. Minor code may provide more information Server not found in Kerberos database 10800[20cf170]: leaving nsAuthGSSAPI::GetNextToken [rv=80004005] And finally note that the KDC I would like to authenticate to (ourkdc.company.org) never logs a single thing related to this Thunderbird auth attempt. Client Environment ================== 1. Thunderbird 1.5.0.12 network.auth.use-sspi = false 2. Kerberos for Windows 3.2 3. C:\WINDOWS\krb5.ini contains: [libdefaults] default_realm = MYREALM.COMPANY.ORG [domain_realm] .company.org = MYREALM.COMPANY.ORG company.org = MYREALM.COMPANY.ORG [realms] MYREALM.COMPANY.ORG = { kdc = ourkdc.company.org admin_server = ourkdc.company.org } 5. Credentials for [EMAIL PROTECTED] are obtained just fine. 6. This client is ALSO part of a Windows domain that I have no control over. That Windows domain (kerberos-wise) is "COMPANY.ORG" and when Kerberos for Windows starts the credentials for [EMAIL PROTECTED] are imported. KDC Environment (ourkdc.company.org) ==================================== 1. MIT Kerberos 1.6.2 2. imap/mailsrv1.company.org exists in KDC and is in the keytab file on mailsrv1.company.org 3. host/mailsrv1.company.org exists in KDC and is in the keytab file on mailsrv1.company.org Mail Server Environment ======================= 1. Cyrus IMAP 2 + Cyrus SASL 2 2. imtest with GSSAPI works fine when I have credentials for [EMAIL PROTECTED] ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos