|
Server : Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 System : Linux server.jackjohnson.com 2.6.32-279.5.2.el6.x86_64 #1 SMP Fri Aug 24 01:07:11 UTC 2012 x86_64 User : jackjohn ( 502) PHP Version : 5.3.17 Disable Function : NONE Directory : /usr/share/doc/dovecot-2.2.23/wiki/ |
Upload File : |
Winbind mechanisms ================== Dovecot supports NTLM and GSS-SPNEGO authentication mechanisms using Samba [http://www.samba.org]'s winbind daemon. It is useful when you need to authenticate users against a Windows domain (either AD or NT). By default NTLM mechanism is handled internally. You can use winbind instead by setting: ---%<------------------------------------------------------------------------- auth_use_winbind = yes ---%<------------------------------------------------------------------------- The usernames, returned by winbind, can contain some domain part (either "DOMAIN\user" or "user@example.com"). Such usernames are always transformed to the form of "user@domain". To strip domain part (to obtain corresponding local username, for example), set: ---%<------------------------------------------------------------------------- auth_username_format = %n ---%<------------------------------------------------------------------------- Dovecot needs path to Samba's 'ntlm_auth' binary to perform the authentication. You can change the path with: ---%<------------------------------------------------------------------------- auth_winbind_helper_path = /usr/bin/ntlm_auth ---%<------------------------------------------------------------------------- Dovecot currently does blocking lookups, so if 'ntlm_auth' is slow on responding (e.g. network problems), Dovecot blocks all other authentication requests until it's finished. (This file was created from the wiki on 2016-03-30 04:43)