Hello,
Running FC5 x86_64 with dovecot-1.0-0_8.beta3.rhfc5.at
Using system user/passwds for 99.99% of users...have sql user/pass enabled
to test virtual users from mysql.
How do I strip off the domain when users provide user at domain.com so that
my userdb and passdb use just 'user'? (disregarding sql auth...I'm
not
concerned with that right now).
My dovecot.conf auth config:
passdb pam {
args = dovecot
}
passdb sql {
args = /etc/dovecot-sql.conf
}
userdb passwd {
}
userdb sql {
args = /etc/dovecot-sql.conf
}
Can I just pass userdb the 'user' using an args= statement? %d?
...and then also to the passdb?
Thanks, Curt
Netlink Tech wrote:> Hello, > Running FC5 x86_64 with dovecot-1.0-0_8.beta3.rhfc5.at > Using system user/passwds for 99.99% of users...have sql user/pass > enabled to test virtual users from mysql. > > How do I strip off the domain when users provide user at domain.com so > that my userdb and passdb use just 'user'? (disregarding sql > auth...I'm not concerned with that right now). > > My dovecot.conf auth config: > > passdb pam { > args = dovecot > } > > passdb sql { > args = /etc/dovecot-sql.conf > } > > userdb passwd { > } > > userdb sql { > args = /etc/dovecot-sql.conf > } > > Can I just pass userdb the 'user' using an args= statement? %d? > ....and then also to the passdb? > > Thanks, CurtThis was answered on the list quite recently, you might want to search the archives.
On Tue, 2006-04-11 at 09:36 -0500, Netlink Tech wrote:> Hello, > Running FC5 x86_64 with dovecot-1.0-0_8.beta3.rhfc5.at > Using system user/passwds for 99.99% of users...have sql user/pass enabled > to test virtual users from mysql. > > How do I strip off the domain when users provide user at domain.com so that > my userdb and passdb use just 'user'? (disregarding sql auth...I'm not > concerned with that right now).In general I don't see this as very useful feature. Why are your users logging in with @domain? Or why not change your passdbs/userdbs to just contain the domain, and set auth_default_realm so everyone always logs in with domains?> My dovecot.conf auth config: > > passdb pam { > args = dovecot > }Here you could use some PAM plugin to strip it. I've no idea if such exists though.> passdb sql { > args = /etc/dovecot-sql.conf > }Here you can modify your SQL command to use %n instead of %u.> userdb passwd { > }If the PAM plugin which strips the domain from username does it properly, it should have returned the new username to Dovecot and this should work..> userdb sql { > args = /etc/dovecot-sql.conf > }And here again you can use %n. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20060412/796fd2e5/attachment.bin>
So if I understand this correctly, %u matches the whole username in the sql database, but %n only matches the name before @? One thing we discovered in migrating from courier-imap to Dovecot is that courier-imap supported user at domain as a valid login name, where by default using %u in the SQL query, Dovecot does not. So it would have been useful for us to avoid a number of tech support calls for users who have user at domain configured in their mail clients. -- Roger J. Weeks Systems & Network Administrator Mendocino Community Network On Apr 12, 2006, at 7:16 AM, dovecot-request at dovecot.org wrote:> Date: Wed, 12 Apr 2006 16:05:24 +0300 > From: Timo Sirainen <tss at iki.fi> > Subject: Re: [Dovecot] strip domains > To: Netlink Tech <tech at netlinkcom.com> > Cc: dovecot at dovecot.org > > On Tue, 2006-04-11 at 09:36 -0500, Netlink Tech wrote: > In general I don't see this as very useful feature. Why are your users > logging in with @domain? Or why not change your passdbs/userdbs to > just > contain the domain, and set auth_default_realm so everyone always logs > in with domains? > > > Here you can modify your SQL command to use %n instead of %u. > > >> userdb passwd { >> } >> > >> userdb sql { >> args = /etc/dovecot-sql.conf >> } >> > > And here again you can use %n. >