support+dovecot at shellworld.net
2023-Jan-21 10:09 UTC
Different username for passdb and userdb
Hello
I am attempting to use an external IMAP server for authentication, on
Dovecot 2.3.16 (7e2e900c1a), running on Ubuntu 22.04.
The external server requires usernames of the format: user at domain
However, my local users, where the mail is actually drawn from, are of the
format: user (passwd file driven).
I was able to log in with just "user", and have it both authenticate
remotely, and access local mail, using:
passdb {
driver = imap
args = host=remotehost.com ssl=imaps port=993 user=%n@%d
ssl_ca_dir=/etc/ssl/certs
}
userdb {
driver = passwd
args = blocking=no
}
However, the remote SMTP server, which I will not be proxying, requires
the same user at domain format for usernames. I would rather not ask
users to use "user at domain" for SMTP, and "user" for IMAP.
They should only have to use "user at domain" for login everywhere.
Is there a way to do this? The docs suggest so
(AuthDatabase.PasswdFile.txt), but if so I must be botching it.
Things I have tried:
passdb {
driver = imap
args = host=remotehost.com ssl=imaps port=993 ssl_ca_dir=/etc/ssl/certs
}
userdb {
driver = passwd
args = blocking=no
override_fields = username_format=%n
}
I also tried:
override_fields = user=%n
Or, alternatively to any override_fields:
args = blocking=no username_format=%n
Lastly, I even tried this whole different approach:
userdb {
driver = passwd-file
args = blocking=no username_format=%n /etc/passwd
}
The following is logged no matter which of those I try:
auth: imapc(remotehost.com:993): Connected to #.#.#.#:993 (local #.#.#.#:35088)
auth: Error: passwd(user at domain,#.#.#.#,<...>): user not found from
userdb
imap(274049): Error: auth-master: login: request [...]: Login auth request
failed: Authenticated user not found from userdb, auth lookup id=... (auth
connected 10 msecs ago, request took 1 msecs, client-pid=274038 client-id=1)
imap-login: Disconnected: Internal login failure (pid=274038 id=1):
user=<user at domain>, method=PLAIN, rip=#.#.#.#, lip=#.#.#.#,
mpid=274049, TLS, session=<...>
(The last attempt got a slightly varied log message, but quite similar:
auth: Error: passwd-file(user at domain#.#.#.#,<...>): user
not found from userdb
)
Any help with this would be much appreciated.
Thanks!
Luke
support+dovecot at shellworld.net
2023-Jan-21 11:20 UTC
Different username for passdb and userdb
On Sat, 21 Jan 2023, I wrote:> I am attempting to use an external IMAP server for authentication [.] > The external server requires usernames of the format: user at domain > However, my local users, where the mail is actually drawn from, are of the > format: user (passwd file driven).So, after about five hours of banging my head against this: naturally, soon after asking this question, I found the answer. Here it is, for any searchers who come upon this. passdb { driver = imap args = host=remotehost.com ssl=imaps port=993 ssl_ca_dir=/etc/ssl/certs # Next is the critical line, that redefines the username for the rest of the session override_fields = user=%n } userdb { driver = passwd args = blocking=no }> Is there a way to do this? The docs suggest so > (AuthDatabase.PasswdFile.txt), but if so I must be botching it.The "override_fields = username_format=%n" that is suggested in that file to solve what appears to be my same problem, doesn't seem to either work or be necessary. I'm probably misreading something, but that was my experience. Regards, Luke