Cit?t Aki Tuomi <aki.tuomi at dovecot.fi>:>> On July 10, 2017 at 1:45 PM azurit at pobox.sk wrote: >> >> >> >> Cit?t Aki Tuomi <aki.tuomi at dovecot.fi>: >> >> >> On July 10, 2017 at 12:33 PM azurit at pobox.sk wrote: >> >> >> >> >> >> Hi, >> >> >> >> i'm trying to configure Dovecot proxy with user authentication on >> >> proxy side only, so backends will authenticate using master password >> >> (proxy is configured to send it). The problem is that Dovecot, on >> >> backends, is telling me that i need to configure at least one auth >> >> mechanism: >> >> >> >> auth: Fatal: No passdbs specified in configuration file. LOGIN >> >> mechanism needs one >> >> >> >> >> >> The master auth is correctly configured. >> >> >> >> I want to accomplished to have user database only on one place >> >> (=proxy). Any hints? >> >> >> >> azur >> > >> > Can you show your backend doveconf -n? >> > >> > Aki >> >> >> >> Here it is: >> https://pastebin.com/C8dTUm5k > > Try adding another entry after the first passdb (order matters) > > passdb { > driver = static > args = nopassword > deny = yes > skip = authenticated > } > > AkiThis seems to be working, thank you. Can you explain me why it's needed?
Cit?t azurit at pobox.sk:> Cit?t Aki Tuomi <aki.tuomi at dovecot.fi>: > >>> On July 10, 2017 at 1:45 PM azurit at pobox.sk wrote: >>> >>> >>> >>> Cit?t Aki Tuomi <aki.tuomi at dovecot.fi>: >>> >>>>> On July 10, 2017 at 12:33 PM azurit at pobox.sk wrote: >>>>> >>>>> >>>>> Hi, >>>>> >>>>> i'm trying to configure Dovecot proxy with user authentication on >>>>> proxy side only, so backends will authenticate using master password >>>>> (proxy is configured to send it). The problem is that Dovecot, on >>>>> backends, is telling me that i need to configure at least one auth >>>>> mechanism: >>>>> >>>>> auth: Fatal: No passdbs specified in configuration file. LOGIN >>>>> mechanism needs one >>>>> >>>>> >>>>> The master auth is correctly configured. >>>>> >>>>> I want to accomplished to have user database only on one place >>>>> (=proxy). Any hints? >>>>> >>>>> azur >>>> >>>> Can you show your backend doveconf -n? >>>> >>>> Aki >>> >>> >>> >>> Here it is: >>> https://pastebin.com/C8dTUm5k >> >> Try adding another entry after the first passdb (order matters) >> >> passdb { >> driver = static >> args = nopassword >> deny = yes >> skip = authenticated >> } >> >> Aki > > > > > This seems to be working, thank you. Can you explain me why it's needed?No need to explain it anymore, i understand it now. I made a little change and (probably) final version is this: passdb { driver = static args = nopassword skip = authenticated } I removed 'deny = yes' as, i believe, it's not needed and it was doing problems with LMTP proxing ('User doesn't exist' error message from backend LMTP). Thanks again. azur
> On July 11, 2017 at 11:50 AM azurit at pobox.sk wrote: > > > > Cit?t azurit at pobox.sk: > > > Cit?t Aki Tuomi <aki.tuomi at dovecot.fi>: > > > >>> On July 10, 2017 at 1:45 PM azurit at pobox.sk wrote: > >>> > >>> > >>> > >>> Cit?t Aki Tuomi <aki.tuomi at dovecot.fi>: > >>> > >>>>> On July 10, 2017 at 12:33 PM azurit at pobox.sk wrote: > >>>>> > >>>>> > >>>>> Hi, > >>>>> > >>>>> i'm trying to configure Dovecot proxy with user authentication on > >>>>> proxy side only, so backends will authenticate using master password > >>>>> (proxy is configured to send it). The problem is that Dovecot, on > >>>>> backends, is telling me that i need to configure at least one auth > >>>>> mechanism: > >>>>> > >>>>> auth: Fatal: No passdbs specified in configuration file. LOGIN > >>>>> mechanism needs one > >>>>> > >>>>> > >>>>> The master auth is correctly configured. > >>>>> > >>>>> I want to accomplished to have user database only on one place > >>>>> (=proxy). Any hints? > >>>>> > >>>>> azur > >>>> > >>>> Can you show your backend doveconf -n? > >>>> > >>>> Aki > >>> > >>> > >>> > >>> Here it is: > >>> https://pastebin.com/C8dTUm5k > >> > >> Try adding another entry after the first passdb (order matters) > >> > >> passdb { > >> driver = static > >> args = nopassword > >> deny = yes > >> skip = authenticated > >> } > >> > >> Aki > > > > > > > > > > This seems to be working, thank you. Can you explain me why it's needed? > > > No need to explain it anymore, i understand it now. I made a little > change and (probably) final version is this: > > passdb { > driver = static > args = nopassword > skip = authenticated > } > > I removed 'deny = yes' as, i believe, it's not needed and it was doing > problems with LMTP proxing ('User doesn't exist' error message from > backend LMTP). Thanks again. > > azurHi! This is very dangerous configuration, please consider using what Sami suggested, viz passdb { driver = static args = password=masterpassword } and remove the master auth completely. then you can override user's password to masterpassword in proxy config. Aki