How to use Postfix to authenticate using GSSAPI (Kerberos) in an IPA/AD environment?

Solution Verified - Updated -

Issue

  • We are building a postfix relay server with IPA/AD integrated Kerberos authentication (GSSAPI).
  • The relay server side works fine for users with a kerberos ticket.
  • How we can enable GSSAPI authentication for Postfix clients to send authenticated email to the central mail relay?
  • The objective is to have GSSAPI authentication for email coming from other systems with Postfix installed, so that one Postfix server is able to authenticate to another Postfix server using GSSAPI, without specifying a username/password.

Environment

  • Red Hat Enterprise Linux 8
  • A domain environment (preferably IPA but it will also work with AD)
  • Postfix
  • Dovecot

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content