No it's intentionally %Ln to convert user1 at domain into user1 for PAM.
Aki
> On July 13, 2017 at 2:03 PM Larry Rosenman <larryrtx at gmail.com>
wrote:
>
>
> Is the %Ln on the 2nd passdb supposed to be a %Lu?
>
>
> Sent from my Sprint Samsung Galaxy S8+.
> -------- Original message --------From: Aki Tuomi <aki.tuomi at
dovecot.fi> Date: 7/13/17 4:43 AM (GMT-06:00) To: Dovecot List <dovecot
at dovecot.org>, Larry Rosenman <larryrtx at gmail.com> Subject: Re:
System users lookup via PAM: strip the domain name?
> No.
>
> It's just a placeholder, like %u or %d.
>
> Aki
>
> > On July 13, 2017 at 10:57 AM Larry Rosenman <larryrtx at
gmail.com> wrote:
> >
> >
> > Will %{original_username} set %d as well?
> >
> >
> > Sent from my Sprint Samsung Galaxy S8+.
> > -------- Original message --------From: Aki Tuomi <aki.tuomi at
dovecot.fi> Date: 7/13/17 12:34 AM (GMT-06:00) To: Dovecot List <dovecot
at dovecot.org>, Larry Rosenman <larryrtx at gmail.com> Subject: Re:
System users lookup via PAM: strip the domain name?
> >
> > > On July 13, 2017 at 4:27 AM Larry Rosenman <larryrtx at
gmail.com> wrote:
> > >
> > >
> > > I have a need for the following:
> > >
> > > Real system users in /etc/{passwd,shadow} (actually PAM on
FreeBSD) wirhOUT @domain in /etc/passwd
> > >
> > > Virtual Users in SQL (with full user at domain in the DB)
> > >
> > >
> > >
> > > When I have auth_username_format = %Ln I can?t auth the Virtual
Users, and if I have auth_username_format = %Lu I can?t auth System users.
> > >
> > >
> > >
> > > Is there a compromise somewhere?
> > >
> > >
> >
> > You could try using %{original_username} in SQL.
> >
> > Or you can try removing the auth_username_format and instead
> >
> > passdb {
> > driver = sql
> > args = ...
> > }
> > passdb {
> > driver = static
> > args = user=%Ln noauthenticate
> > # you can remove next line if you want to always normalize your
usernames
> > skip = authenticated
> > }
> > passdb {
> > driver = pam
> > args = ...
> > skip = authenticated
> > }
> >
> > Aki