Hello My system: FreeBSD 8.1-RELEASE FreeBSD 8.1-RELEASE #2: Tue Aug 31 17:07:54 CEST 2010 :/usr/obj/usr/src/sys/GENERIC i386 Relevant part of the installed software: # pkg_info|grep cyrus cyrus-imapd-2.3.16_2 The cyrus mail server, supporting POP3 and IMAP4 protocols cyrus-sasl-2.1.23 RFC 2222 SASL (Simple Authentication and Security Layer) cyrus-sasl-saslauthd-2.1.23 SASL authentication server for cyrus-sasl2 Kerberos5 settings: They are all ok, because I can these cross check by using kinit (and such tools), ldapsearch and of course the security event protocol of the domain controllers. So I can say all this is ok. /etc/rc.conf: [snip] saslauthd_enable="YES" saslauthd_flags="-a kerberos5" I use three of the above servers and with two of them I have no such problems. Here what is going wrong: After I update all my ports I can no longer authenticate against Kerberos5. The test with testsaslauthd -u usernamex -p passwordx ends always in 0: NO "authentication failed". In /var/log/auth.log I can see Sep 24 08:07:28 saslauthd[83827]: do_auth : auth failure: [user=martin] [service=imap] [realm=] [mech=kerberos5] [reason=krb5_verify_user_opt failed]. What's intressting if I use saslauthd_flags="-a pam" then all is working as expected. And again before the update all worked without any problems. Any ideas? Regards, -- Martin Schweizer schweizer.martin@xxxxxxxxx Tel.: +41 32 512 48 54 (VoIP) Fax: +1 619 3300587
