Re: Postfix ldap_table authenticate to LDAP using GSSAPI or EXTERNAL

On 01/23/13 00:51, Eric McCorkle wrote: > On 01/23/13 00:49, Viktor Dukhovni wrote: >> On Wed, Jan 23, 2013 at 12:33:01AM -0500, Eric McCorkle wrote: >> >>> Which is due ultimately to there not being a kerberos principal >>> available. However, if I add "start_tls = yes" (and set up the >>> certif

Re: Postfix ldap_table authenticate to LDAP using GSSAPI or EXTERNAL

On 01/23/13 00:49, Viktor Dukhovni wrote: > On Wed, Jan 23, 2013 at 12:33:01AM -0500, Eric McCorkle wrote: > >> Which is due ultimately to there not being a kerberos principal >> available. However, if I add "start_tls = yes" (and set up the >> certificate files), then I get the same "unable to a

Re: Postfix ldap_table authenticate to LDAP using GSSAPI or EXTERNAL

On Wed, Jan 23, 2013 at 12:33:01AM -0500, Eric McCorkle wrote: > Which is due ultimately to there not being a kerberos principal > available. However, if I add "start_tls = yes" (and set up the > certificate files), then I get the same "unable to allocate TLS context" > error. > > This seems to

Re: Postfix ldap_table authenticate to LDAP using GSSAPI or EXTERNAL

On 01/22/13 10:04, Wietse Venema wrote: > Eric McCorkle: >> Interestingly, postalias run from the command line seems to work just >> fine. More interestingly, using an ldap-based local_recipients_maps >> seems to work just fine, but alias_maps fails as described. > > You run postalias as root. Po

Re: Postfix ldap_table authenticate to LDAP using GSSAPI or EXTERNAL

On Tue, 22 Jan 2013 10:04:30 -0500 (EST) Wietse Venema articulated: > Another difference is that root shell user environment settings > differ from those of Postfix daemons. Look at the output from > "postconf import_environment export_evironment". More information > about these is in http://www.p

Re: Postfix ldap_table authenticate to LDAP using GSSAPI or EXTERNAL

On Mon, Jan 21, 2013 at 09:05:33PM -0500, Eric McCorkle wrote: > I am trying to set up an LDAP-based alias table, and I want postfix to > authenticate to LDAP using a Kerberos service principal, or at least > using the EXTERNAL method (SSL certificate authentication). I would recommend GSSAPI (Ke

Re: Postfix ldap_table authenticate to LDAP using GSSAPI or EXTERNAL

Eric McCorkle: > Interestingly, postalias run from the command line seems to work just > fine. More interestingly, using an ldap-based local_recipients_maps > seems to work just fine, but alias_maps fails as described. You run postalias as root. Postfix runs as a daemon, and minimizes usage of ro

Postfix ldap_table authenticate to LDAP using GSSAPI or EXTERNAL

Hello, I am trying to set up an LDAP-based alias table, and I want postfix to authenticate to LDAP using a Kerberos service principal, or at least using the EXTERNAL method (SSL certificate authentication). The ldap-aliases.cf file looks like this (domains and realms changed): server_host = ldap