postfix-users October 2010 archive
Main Archive Page > Month Archives  > postfix-users archives
postfix-users: smtpd_chat_query, dovecot sasl, AD, Samba4

smtpd_chat_query, dovecot sasl, AD, Samba4

From: Trever L. Adams <trever.adams_at_nospam>
Date: Tue Oct 19 2010 - 13:55:59 GMT

 Hello everyone,

I am hoping someone can help me with a problem.

I have a Samba4 AD domain. I have dovecot setup to do gssapi against
this AD. I have postfix configured to use dovecot sasl. It works great
for imap in windows and linux. In Windows, smtp doesn't work for gssapi,
but works for plain and login (which are configured along with gssapi in
dovecot). These are all Thunderbird.

With Windows I get the following:
postfix/smtpd[6364]: warning: CLIENT_FQDN[CLIENT_IP]: request longer
than 2048: AUTH GSSAPI gssapidata.

My query is this: does postfix truncate or otherwise mess up the data
when the above warning is given? If not, has anyone seen something
similar? Is it a bug in Thunderbird?

I imagine the reason Kerberos is larger in Windows than Linux is the PAC.

Some of you may have seen other posts elsewhere which state I have fixed
this and it was related to S4 not setting userPrincipalName correctly
for a service principal. This is what got Linux Thunderbird working, but
not Windows.

Any help anyone can offer would be GREATLY appreciated.

Thank you,
Trever Adams
-- "Black holes are where God divided by zero." -- Unknown