Sendmail and Active Directory

[SeaBird2000]

Hi all,

I am setting up a sendmail server and would like the users to authenticate with Microsoft Active Directory. Please give me some pointers.

Thanks,
SeaBird

 

[mrballcb]

Look into winbind. It's a service for your linux box that can authenticate users on an AD server. I do not know if others have done this before or if you'll be blazing the trails on your own. My understanding of this is that you configure sendmail to use sasl and sasl is configured to use PAM, and PAM is configured to use winbind, then you should be able to have sendmail authenticate users in an AD tree. Having never set up winbind before, you may find that my information is slightly off or just plain wrong.

If you want sendmail to connect to the directory directly, you have a rough road ahead of you:
1) Sendmail can only connect to a directory using anonymous (ie no authentication).
2) AD does not allow anonymous access.

In that case, you'll have to put something inbetween that can proxy those requests for you. Then it's just a matter of:
1) Figuring out where in the tree the users are located.
2) Being able to do the authentication