Re: Howto authenticate smartPhone via Active Directory

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sat, 2 Dec 2017, Mark Foley wrote: I have a Samba4 Active Directory server. Dovecot authenticates AD Users with domain credentials using GSSAPI (Thunderbird client). I believe I have Dovecot set to attempt authentication via

Re: Howto authenticate smartPhone via Active Directory

Hi, ldap_bind: Strong(er) authentication required (8) additional info: BindSimple: Transport encryption required. If you are using recent (4.7) samba, your problem could be that it requires ssl ldap by default, unless you configure ldap server require strong auth = no in

Re: Howto authenticate smartPhone via Active Directory

On Tue, 5 Dec 2017 16:42:15 +0100 mj wrote: > Hi, > > Not much time to reply now. > > On 12/05/2017 05:21 AM, Mark Foley wrote: > > mj - thanks! That the first useful example I've received from any > > forum/list. I'm getting ready > > to try my config (have to do so after

Re: Howto authenticate smartPhone via Active Directory

Hi, Not much time to reply now. On 12/05/2017 05:21 AM, Mark Foley wrote: mj - thanks! That the first useful example I've received from any forum/list. I'm getting ready to try my config (have to do so after hours), but I have some probably simple-minded questions: Well, that looks as if you

Re: Howto authenticate smartPhone via Active Directory

ip=192.168.0.52, lip=192.168.0.2, mpid=14907, TLS, > > session= > > Dec 03 18:56:50 auth: Debug: auth client connected (pid=14913) > > > > Notice after the "shadow" auth fails it says, "unknown user - trying the > > next passdb", which

Re: Howto authenticate smartPhone via Active Directory

On 12/04/2017 09:01 AM, Aki Tuomi wrote: It seems you'd have to configure OpenLDAP backend for Samba to have LDAP. No. As far as I know, samba in AD mode always does ldap. (AD *is* just that: microsoft-ized ldap) And you should configure dovecot simply as a regular ldap client. That's

Re: Howto authenticate smartPhone via Active Directory

03/12/2017 21:18 (GMT+02:00) To: dovecot@dovecot.org Subject: Re: Howto authenticate smartPhone via Active Directory Yes, you are right. This link: https://www.redips.net/linux/android-email-postfix-auth/#section2 shows: passdb pam { } used for authenticating Android.  Problem #1 is that Slack

Re: Howto authenticate smartPhone via Active Directory

uot;, which is > checkpassword (which apparently succeeds), then it goes on to gssapi which > also succeeds. Is > there a way to only have it do checkpassword if all shadow and gssapi fail? > My mechanisms are: > > auth_mechanisms = plain login gssapi > > THX, --Mark >

Re: Howto authenticate smartPhone via Active Directory

pi THX, --Mark --Mark -Original Message- Date: Sun, 03 Dec 2017 22:28:53 +0200 Subject: Re: Howto authenticate smartPhone via Active Directory From: Aki Tuomi <aki.tu...@dovecot.fi> To: Mark Foley <mfo...@ohprs.org>, dovecot@dovecot.org with passdb ldap i guess. ---Aki Tuomi Do

Re: Howto authenticate smartPhone via Active Directory

with passdb ldap i guess. ---Aki TuomiDovecot oy Original message From: Mark Foley <mfo...@ohprs.org> Date: 03/12/2017 21:18 (GMT+02:00) To: dovecot@dovecot.org Subject: Re: Howto authenticate smartPhone via Active Directory Yes, you are right. This link:

Re: Howto authenticate smartPhone via Active Directory

uomiDovecot oy > > Original message > From: Mark Foley <mfo...@ohprs.org> > Date: 03/12/2017 06:03 (GMT+02:00) > To: dovecot@dovecot.org > Subject: Howto authenticate smartPhone via Active Directory > I have a Samba4 Active Directory server. Do

Re: Howto authenticate smartPhone via Active Directory

Howto authenticate smartPhone via Active Directory I have a Samba4 Active Directory server. Dovecot authenticates AD Users with domain credentials using GSSAPI (Thunderbird client). I believe I have Dovecot set to attempt authentication via shadow first and. failing that, it does authentica

Howto authenticate smartPhone via Active Directory

I have a Samba4 Active Directory server. Dovecot authenticates AD Users with domain credentials using GSSAPI (Thunderbird client). I believe I have Dovecot set to attempt authentication via shadow first and. failing that, it does authenticate via GSSAPI. Smartphones connect to Dovecot via port