Hi Team,
Would it be possible to setup a different authentication method
depending on the connection source?
I would like to use oauth2 (with mfa) for connections from internet via
haproxy, whereas on the lan I run samba-dc and hence AD (krb5) is the
method to use.
The latter is already setup and works fine, now I want to add oauth2 for
haproxy connections (or outside lan ip-range).
Here's the relevant bit of "dovecot -n":
auth_default_realm = EXAMPLE.COM
auth_gssapi_hostname = mailserver.example.com
auth_krb5_keytab = /etc/keytab/dovecot.keytab
auth_master_user_separator = *
auth_mechanisms = gssapi gss-spnego plain
auth_realms = EXAMPLE.COM
passdb {
? args = /etc/dovecot/dovecot-ldap.conf.ext
? driver = ldap
? pass = yes
}
passdb {
? driver = pam
}
userdb {
? args = /etc/dovecot/dovecot-ldap.conf.ext
? driver = ldap
}
- Kees.