Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » PAM on Mac OS X (PAM on Mac OS X)
  •  
skip

Messages: 2
Karma: 0
Send a private message to this user
I was talking to a Kerio support engineer about some pre-sales questions a few days ago and he told me that, despite there not being an option in the GUI to enable it, PAM authentication should work on Mac OS X as long as the PAM module has been installed properly.
He also mentioned there being a knowledge base article about this, specific for OS X, but I haven't been able to find this yet.

Anyway, I've been trying to get this to work since then but to no avail.
The PAM module works just fine with SSH and FTP and I've created a keriomail PAM config file with auth, account and password rules in it for my PAM module.

When that didn't work I started looking around in the other kerio config files and noticed the pamservice option in the mailserver.cfg file and that on a linux server this is set to the PAM service option in the GUI (keriomail in my case), but manually changing this on the OS X server didn't work either and it still uses it's own authentication. (Note none of these servers are production servers so I can test everything)

Does anybody have any suggestions how to get Kerio to use my PAM module?

Thanks
Skip
  •  
dominic@cbx.com

Messages: 27
Karma: 3
Send a private message to this user
I've never tried PAM auth for kerio specifically - preferring OpenDirectory/LDAP auth on Mac OS X.

According to the admin manual, PAM auth is available only for linux installs: 7.7 Authentication of domain users.

Looking into /usr/lib/pam/ where pam modules are stored on OSX, it appears that kerio does _not_ install its module into this directory.

[Updated on: Thu, 06 September 2012 23:07]

  •  
skip

Messages: 2
Karma: 0
Send a private message to this user
Well, I knew the documentation says it only runs on Linux, but as the support guy said it could be configured for OS X as well I wanted to try and get it to work.

I guess worst case scenario we could run the mail server in a Linux virtual box etc, but it would be so much easier to just run it natively... Especially since PAM works fine on OS X.

Regarding the /usr/lib/pam/ folder, that's where my PAM module lives as well and as I'll need kerio to use that I'm not entirely sure what modules kerio would need to install. I figured all I need to get it to do is to use my PAM module for authentication or am i missing something here.

  •  
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
This information isn't accurate. PAM authentication cannot be used with Kerio Connect on OS X. Only on Linux.
Previous Topic: AD Schema ldif or ldb file
Next Topic: Versions of Connect matching versions of Entourage/Outlook for Mac
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Tue Aug 22 20:28:15 CEST 2017

Total time taken to generate the page: 0.00405 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.