Hallo.
First of all I'm sorry for my bad english.
I have a question about how dovecot use passwords.
I have all my mail accounts in a ldap database.
The user password are stored in form: {crypt}mypasswd.
In dovecot-ldap.conf I have default_pass_scheme = CRYPT.
All is working fine.
The problem in the crypt scheme is that I can't have passwords more than
8 characters long.
So I've tried to change the type of the ldap passwords in SSHA or SMD5,
but in this way the users can't authenticate yourselfs.
Dovecot doesn't understand SSHA or SMD5?
On Fri, Nov 17, 2006 at 11:10:44AM +0100, Mauro Sanna wrote:> The problem in the crypt scheme is that I can't have passwords more than > 8 characters long. > So I've tried to change the type of the ldap passwords in SSHA or SMD5, > but in this way the users can't authenticate yourselfs. > Dovecot doesn't understand SSHA or SMD5?As far as I understand, this is a good candidate to use auth binds. If you do this, dovecot even need not know ANYTHING about passwords in LDAP, since the pwd verification is done by trying to BIND to the DN of the user with the given password, so the only component need to know about password and password scheme is the LDAP server itself. You have may have got no privilege to see userpassword attribute ... However you'll got problems if you use some kind of advanced authentication with IMAP/POP3 which does not send clear text passwords which are sutiable to use as password to bind to LDAP ? -- - G?bor
On Fri, 2006-11-17 at 11:10 +0100, Mauro Sanna wrote:> So I've tried to change the type of the ldap passwords in SSHA or SMD5, > but in this way the users can't authenticate yourselfs. > Dovecot doesn't understand SSHA or SMD5?It does, unless you're using v0.99.x version. Set auth_debug_passwords=yes and check the logs what it says when you try to authenticate. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20061119/cdcb470d/attachment.bin>