Pidgin as Windows SSO client

Daniel Atallah datallah at pidgin.im
Thu Aug 6 21:14:44 EDT 2009


On Thu, Aug 6, 2009 at 15:04, Rochon, Brandon<BRochon at reveredata.com> wrote:
> I tried posting this on Openfire's forum, but no luck thus far:
>
>
>
> I've got Openfire and Spark working together just fine in an Active
> Directory single-sign-on setup finally.  I'm trying to get Pidgin to work
> now instead of Spark as a SSO client (it works fine as a regular
> auth/non-GSSAPI client).  People keep mentioning that it's possible but
> nobody has explained how.
>
>  There's no explicit SSO XMPP option inside of Pidgin, so I can only assume
> that it's just supposed to work.  The only useful debug output from Pidgin I
> see is:
>
>  (16:01:59) sasl: Mechs found: GSSAPI
> (16:01:59) sasl: No worthy mechs found
>
>  Why is it not worthy?  I hear Pidgin already has Cyrus-SASL support
> compiled in.  Is something else needed?  Extra undocumented settings in
> accounts.xml??

The hard part (from my experience) is getting the server set up correctly.

To get Pidgin to work once that is complete, you need to install MIT
Kerberos for Windows, then, IIRC, run (one time) 'netidmgr -m'.

After restarting Pidgin, as long as the MIT Identity Manager is
running you should be able to connect.

-D




More information about the Support mailing list