[quote=“davidep, post:4, topic:4764, full:true”]
As said in the past, the upstream Postfix package comes with no support for Kerberos. Without KB support, we can’t browse the AD LDAP and configure it as Postfix DB for address alias expansion.[/quote]
I’m discovering this topic and, again, as I’ve not yet installed NS, my comment might be just a stupid one…
I don’t really understand what you describe here, or, rather, I may understand but, in such case, this sounds strange to me.
Do you mean to say that S4-LDAP doesn’t accept either anonymous or simple bind but only SASL bind (which through GSSAPI, means KRB) ?
I know I need to deploy NS, I’ll do it…
FYI, having deployed UCS for some customers (NS was not yet in my scope because Rob was late ), I can access its S4-LDAP server authenticating either with SASL or simple bind and even anonymously. Then one could discuss whether anonymous access is a good idea or not (I think it is but requires some ACL) bt from pure technical view point, this is achievable.