ntlm_auth support for Dovecot

Dmitry Butskoy buc at odusz.so-cdu.ru
Mon Jul 9 13:49:33 GMT 2007


I've made a patch for the Dovecot imap server (http://dovecot.org), 
which adds support for Samba's proposed way of using "ntlm_auth" helper 
for windows types of authentication.
The helper can be used by the "dovecot-auth" daemon for "NTLM" and 
"GSS-SPNEGO" SASL mechanisms.

The work to include this patch upstream is in progress now.

Currently, Dovecot already has some "NTLM" support, but against a local 
or sql database only (no any support for authentication against AD or NT 
domain)

One big advantage of this patch is the ability to use "SPA" (Secure 
Password Authentication) for mail programs in Windiows. No more need to 
specify "login/password" manually in each mail program of each user 
desktop...

Since the "dovecot-auth" daemon can be utilized by MTA (f.e. Postfix 
supports this for SMTP auth), the "SPA" can be used for outgoing mails 
as well.

The patch is attached. It is against dovecot-1.0.1 .

If someone here use Dovecot  in some Windows domain environment, please, 
test it.


Regards,
Dmitry Butskoy
http://www.fedoraproject.org/wiki/DmitryButskoy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dovecot-1.0.1-winbind.patch
Type: text/x-diff
Size: 15611 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20070709/16164aae/dovecot-1.0.1-winbind.bin


More information about the samba-technical mailing list