SASL authentication using NTLM
I wasn't really sure whether to file this question under Security or Networking, but I finally decided on Security as it is an authentication-based question.
I'm curious about how to set up/debug Cyrus SASL (saslauthd) to be able to use NTLM as an authentication mechanism.
In /usr/lib/sasl2/smtpd.conf I have:
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN NTLM
and I can telnet to localhost:25 and, after ehlo, it DOES say it has support for auth method NTLM (250-AUTH PLAIN LOGIN NTLM); I also have the package cyrus-sasl-ntlm-2.1.22-4 installed on my CentOS machine.
I have a user trying to authenticate to postfix using NTLM, and I'm getting the following error message in the logfile /var/log/messages (substitute XXXX for valid user on the system, and hostname.domain for the local hostname of the computer).
Aug 30 12:01:05 smtp saslauthd[938]: do_auth : auth failure: [user=hostname.domain\XXXX] [service=smtp] [realm=] [mech=shadow] [reason=Unknown]
How can I debug saslauthd to help me figure out why this user can't authenticate?
Thanks
Mike