Scalix and Active Directory (Win2003) for authentication

[asd_itops]

I have a fresh install of Scalix 11.0.1, and on its own it is working fine. However, trying to configure AD for authentication (don't want to synch because of dirty AD structure with non-user accounts intermixed) is not working. I have followed the directions for Kerberos, without SSO... but no luck. No errors that I can find either? Please help?

Scalix 11.0.1
RHEL 4
Confirmed connectivity between Scalix and Windows Servers
Only on screen (WEBMAIL) error is invalid password generic

[asd_itops]

I also wanted to let you know that testing via kinit shows successful authentication

[asd_itops]

See FAQ's for Scalix 11:

SWA uses SMTP authentication
SWA now authenticates with the SMTP Relay. If you are using external authentication such as OpenLDAP or Active Directory, you will need to make sure that the changes you made to /var/opt/scalix/NN/s/sys/pam.d/ual.remote is also applied to /var/opt/scalix/NN/s/sys/pam.d/smtpd.auth and the SMTP Relay is restarted.

If this is not configured, you may find that users are unable to send messages using SWA.


Thanks.... left the post up and the resolution in case anyone else runs across this...

[Valerion]

Glad you got it sorted out.

As an aside, for other people doing troubleshooting, is to use sxpamauth. Create a file in ~/sys/pam.d called pamcheck, containing your rules (copy ual.remote to this file). Right at the top add

auth required om_debug

then run

sxpamauth "User Name"

I managed to trace a Kerberos authentication failure to a clock skew issue this way. Useful if you're not sure where the exact problem is.