On 26.10.2012, at 22.13, James Devine wrote:
> I have an ldap server for which each entry includes the email address and
> the username portion of the email address for authentication.
> Authentication works by username if the username is unique among all the
> entries. I need to now add some users which must authenticate even if the
> username is not unique. I figured one way to do this would be to add a
> second user/pass db which puts further restrictions on the ldap query to
> make it unique for those users. This doesn't seem to work however as if
> the user is found in the first ldap query but the password does not match
> it does not try the second. I would use the password as part of the query
> but this setup requires me to allow the client to hash the password. Is
> there a way to do this? Or maybe I am approaching the problem wrong.
You'd need to update this patch:
http://dovecot.org/patches/2.0/auth-multi-password-2.0.diff
It worked for v1.1 and maybe for v1.2. I never included it mainly because I
never had time to check if it had any security issues.