Thank you for the response. So, both password files (master and regular user credentials) have the same contents in this scenario, correct? -Kishore On Mon, Aug 3, 2020 at 11:42 PM Joseph Tam <jtam.home at gmail.com> wrote:> On Mon, 3 Aug 2020, Kishore Potnuru wrote: > > > ==============> > Jul 28 11:14:23 auth: Fatal: Master passdb can't have pass=yes if there > are > > no passdbs > > Jul 28 11:14:23 master: Error: service(auth): command startup failed, > > throttling > > ==============> > > > after the above error, I have commented "pass=yes" in production1 (old > > server) server, then I see the below error. > > > > ===============> > Jul 28 11:17:10 auth: Fatal: No passdbs specified in configuration file. > > PLAIN mechanism needs one > > Jul 28 11:17:10 master: Error: service(auth): command startup failed, > > throttling > > ==============> > > > ========================================> > My old server dovecot.conf (production1): > > ========================================> > > > passdb { > > args = /etc/dovecot/passwd > > driver = passwd-file > > master = yes > > pass = yes > > } > > My interpretation of your error messages is you need 2 sets of credentials: > regular users and master users. You've only supplied master passwords. > You'll need > > # Contains master users credentials > passdb { > args = /etc/dovecot/master-passwd > driver = passwd-file > master = yes > pass = yes > } > > # Contains regular user credentials > passdb { > args = /etc/dovecot/passwd > driver = passwd-file > } > > Joseph Tam <jtam.home at gmail.com> >-------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20200804/3251028d/attachment.html>
Hi Kishore, On 04.08.20 09:50, Kishore Potnuru wrote:> So, both password?files (master and regular user credentials) have the same > contents in this scenario, correct?first of all: thanks for collecting the information. As Joseph wrote: I too think that in your config of 'production1' a passdb with the credentials of regular users is missing. On one of my servers I'm using this: passdb { driver = passwd-file master = yes args = /etc/dovecot/master-users #pass = yes } passdb { driver = passwd-file args = username_format=%u /etc/dovecot/users } Something similar should work in your case. Regards, Markus
Thank you for the reply.
In old server (production1), I have changed like this for passdb. rest all
i kept the same.
passdb {
args = /etc/dovecot/master-users
driver = passwd-file
master = yes
#pass = yes
}
passdb {
driver = passwd-file
args = username_format=%u /etc/dovecot/passwd
}
Now I am getting the below Authentication error from production2. Seems I
have made some mistake.
-----
[root at production2 dovecot]# doveadm backup -a All -R -u
kishore at test.testorg.com imapc:
dsync(kishore at test.testorg.com): Info: imapc(production1.testorg.com:143):
Connected to 161.2.11.119:143 (local xxx.xxx.xxx.xxx:39200)
dsync(kishore at test.testorg.com): Error: imapc(production1.testorg.com:143):
Authentication failed: [AUTHENTICATIONFAILED] Authentication failed.
dsync(kishore at test.testorg.com): Error: User initialization failed: imapc:
Login to production1.testorg.com failed: Authentication failed:
[AUTHENTICATIONFAILED] Authentication failed.
-----
In production1, I see this error:
-----
Aug 04 16:42:43 imap-login: Info: Disconnected (auth failed, 1 attempts):
user=<vmail>, method=PLAIN, rip=xxx.xxx.xxx.xxx, lip=xxx.xxx.xxx.xxx
-----
The content on the password file:
-------
[root at production1 log]# cat /etc/dovecot/passwd
karan at test.testorg.com:{PLAIN}Password123
kishore at test.testorg.com:{PLAIN}Password123
[root at production1 log]# cat /etc/dovecot/master-users
karan at test.testorg.com:{PLAIN}Password123
kishore at test.testorg.com:{PLAIN}Password123
-------
I have copied the same content of the "passwd" file to
"master-users" file.
Actually, it should be having same content? if different, what will be the
data and which format?
Please advise me, what am I making mistakes? As told you before, the
dovecot versions are production1(2.0.9) and production2(2.2.36 (1f10bfa63))
On Tue, Aug 4, 2020 at 11:21 AM Markus Winkler <ml at irmawi.de> wrote:
> Hi Kishore,
>
> On 04.08.20 09:50, Kishore Potnuru wrote:
> > So, both password files (master and regular user credentials) have the
> same
> > contents in this scenario, correct?
>
>
> first of all: thanks for collecting the information.
>
> As Joseph wrote: I too think that in your config of 'production1' a
passdb
> with the credentials of regular users is missing.
>
> On one of my servers I'm using this:
>
> passdb {
> driver = passwd-file
> master = yes
> args = /etc/dovecot/master-users
> #pass = yes
> }
>
> passdb {
> driver = passwd-file
> args = username_format=%u /etc/dovecot/users
> }
>
>
> Something similar should work in your case.
>
> Regards,
> Markus
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://dovecot.org/pipermail/dovecot/attachments/20200804/13196d47/attachment.html>
On Tue, 4 Aug 2020, Kishore Potnuru wrote:> So, both password files (master and regular user credentials) have the same > contents in this scenario, correct?No. Master users are administrative users you allow to authenticate as another account without having to know their password. If the master account is "master", and the user account is "xyz", then an administrator can access xyz's mail by authenticating as username: xyz*master password: password for master This would allow, for example, to migrate all users via the IMAPC mechanism without having to know all their passwords. By making both master and passdb's the same, you allow anyone to access anybody else's account e.g. "xyz" can access account for "abc" by using their password with user "abc*xyz". Joseph Tam <jtam.home at gmail.com>