Displaying 1 result from an estimated 1 matches for "mechanism_filter".
2017 Dec 05
1
Can passdb be bypassed for non-plaintext authentication mechanisms
I am using Active directory authentication via gssapi for most users. In dovecot.conf I have:
auth_mechanisms = plain login gssapi
auth_use_winbind = yes
I also have
passdb { driver = shadow }
userdb { driver = passwd }
for those few users who are NOT AD users.
Even though the AD users do not exist in /etc/passwd or /etc/shadow, Dovecot ALWAYS first looks
them up in shadow, which ALWAYS