search for: noauthent

On 26/09/2018 08:34, Aki Tuomi wrote: > # before current passbd > passdb { > driver = passwd-file > args = username_format=%Lu /etc/dovecot/aliases > } > > # into /etc/dovecot/aliases > alias at user:::::::user=real_username noauthenticate > > This hopefully works. > > Aki This does appear to work, thanks! As an optimization of the alias file, we tried setting "override_fields = noauthenticate" in the passdb instead of placing it as an extra field for every entry, however this does not work. Settin...

Hi, Our organization is currently using a passwd-file user database for our Dovecot installs. However, we now want to provide simple username aliases. We currently use usernames that are -not- equal to the email address, but due to the fact that many major email clients/providers do not even allow you to specifiy a username, we now want to provide aliases where the username is equal to the

....100,<IFCT0m9Y0KjAqAFk>): lookup Sep 05 13:49:41 auth: Debug: static(user00 at realdomain.org,192.168.1.100,<IFCT0m9Y0KjAqAFk>): Allowing any password Sep 05 13:49:41 auth: Debug: static(user00 at realdomain.org,192.168.1.100,<IFCT0m9Y0KjAqAFk>): Not performing authentication (noauthenticate set) ==> /var/log/dovecot.info <== Sep 05 13:49:41 auth: Info: passwd-file(user00 at realdomain.org,192.168.1.100,<IFCT0m9Y0KjAqAFk>): unknown user (given password: pass) - trying the next passdb ==> /var/log/dovecot.debug <== Sep 05 13:49:41 auth-worker(31116): Debug: Load...

Hi, code question... I've been trying to figure out the implications of the new "noauthenticate" passdb field. Internally it causes a passdb to result in PASSDB_RESULT_NEXT. When a SASL mechanism calls auth_request_lookup_credentials(...,callback) the passdb result is passed to the callback. But I can't really figure out when that result will ever be PASSDB_RESULT_NEXT. It...

...6, 2018 at 09:34:07AM +0300, Aki Tuomi <aki.tuomi at open-xchange.com> wrote: > # before current passbd > passdb { > ? driver = passwd-file > ? args = username_format=%Lu /etc/dovecot/aliases > } > > # into /etc/dovecot/aliases > alias at user:::::::user=real_username noauthenticate > > This hopefully works. This seems to work fine and I had the idea of doing something similar for the userdb, but there it appears that the user name change doesn't happen. > auth_debug=yes > userdb { > driver = passwd-file > args = username_format=%Lu /etc/dovec...

...em stems from dovecot doing user lookup using 'rock at theglobalvoice.info' which is why it breaks. So, to fix this, and retain what you have configured you need to do bit silly config (this is hopefully getting fixed in 2.3 series at some point). passdb { ??? driver = static ??? args = noauthenticate temp_user=%u user=%Ln } passdb { ??? driver? = pam } passdb { ??? driver = static ??? args = noautenticate user=%{passdb:temp_user} ??? skip = unauthenticated } Aki block quote end

Sorry, small typo passdb { driver = static args = user=%n noauthenticate } Aki On 05.09.2017 14:51, Pol Hallen wrote: > does not work :-/ > > Sep 05 13:49:41 auth: Debug: auth client connected (pid=31115) > Sep 05 13:49:41 auth: Debug: client in: AUTH 1 PLAIN > service=imap secured session=IFCT0m9Y0KjAqAFk > lip=192.168.1.1...

...stion) if yes, I've same problem Pol On 2017-09-05 13:34, Aki Tuomi wrote: > Try configuring like this: > > passdb { > args = scheme=SHA256 username_format=%u /etc/dovecot/users > driver = passwd-file > } > > passdb { > driver = static > args = username=%n noauthenticate > skip = authenticated > } > > passdb { > driver = pam > skip = authenticated > } > > On 05.09.2017 14:29, Pol Hallen wrote: Sure :) thanks > > cat /var/log/dovecot/[...] > > Sep 05 13:26:02 auth: Debug: auth client connected (pid=30131) > Sep 05 1...

...he authentication with user and domain name, so dovecot doesn't accept it any idea? thanks! Pol On 2017-09-05 10:58, Aki Tuomi wrote: > Oh right, you need to do it like this... > > after the passwd-file drivers add > > passdb { > driver = static > args = username=%n noauthenticate > } > > Aki > > On 05.09.2017 11:03, Pol Hallen wrote: Hello, thanks for your reply > > I already tried with: > > username_format=%n or auth_username_format=%n but I've same problem > > Pol > > passdb { > driver = pam > args = username_for...

Hello, thanks for your reply I already tried with: username_format=%n or auth_username_format=%n but I've same problem Pol > passdb { > driver = pam > args = username_format=%n > } > > also you probably want to consider using driver=passwd instead, if you > really don't need pam due to some special plugins. > > Aki -- Pol

...ssword: ?nopasword: if you want to allow all passwords, use an empty password and this field.? Farther down, the page seems to indicate that the ?nologin? attribute is what I am looking for: ?nologin: User isn?t actually allowed to log in even if the password matches . . .? Or possibly ?noauthenticate?: ?noauthenticate: Do not perform any authentication . . ." 2. Is ?nologin? functionally equivalent to specifying no password in the password field ? I am assuming that setting a null password (even without ?nologin?), prevents login with ANY or NO password as a blank field would...

...= %Lu I can?t auth System users. > >? > > Is there a compromise somewhere? > > You could try using %{original_username} in SQL. Or you can try removing the auth_username_format and instead passdb { ? driver = sql ? args = ... } passdb { ? driver = static ? args = user=%Ln noauthenticate # you can remove next line if you want to always normalize your usernames ? skip = authenticated } passdb { ? driver = pam ? args = ... ? skip = authenticated } Aki

...ovecot > doesn't accept it > > any idea? > > thanks! > > Pol > > On 2017-09-05 10:58, Aki Tuomi wrote: > > Oh right, you need to do it like this... > > after the passwd-file drivers add > > passdb { > driver = static > args = username=%n noauthenticate > } > > Aki > > On 05.09.2017 11:03, Pol Hallen wrote: Hello, thanks for your reply > > I already tried with: > > username_format=%n or auth_username_format=%n but I've same problem > > Pol > > passdb { > driver = pam > args = username_for...

On Tue, Jun 23, 2020 at 5:17 PM Aki Tuomi <aki.tuomi at open-xchange.com> wrote: > > > On 23/06/2020 12:15 Joe Wong <joewong99 at gmail.com> wrote: > > > > > > Hello, I have added 'y' as nodelay in my passdb query and I see the > following in log: > > > > dovecot: imap-login: Debug: Ignoring unknown passdb extra field: nodelay >

...compromise somewhere? > > > > > > You could try using %{original_username} in SQL. > > Or you can try removing the auth_username_format and instead > > passdb { >?? driver = sql >?? args = ... > } > passdb { >?? driver = static >?? args = user=%Ln noauthenticate > # you can remove next line if you want to always normalize your usernames >?? skip = authenticated > } > passdb { >?? driver = pam >?? args = ... >?? skip = authenticated > } > > Aki

You can do passdb { ? driver = passwd-file ? args =? /path/to/some/file ? skip = unauthenticated } and put in this file alice at example.com::::::noauthenticate userdb_namespace/inbox/mailbox/INBOX/autoexpunge=31d or nopassword instead of noauthenticate. Please keep replies in-list. Aki On 23.01.2018 12:31, Alexey Murz Korepov wrote: > So, with using `passwd` driver as userdb - there are no ways to set > some dovecot single per-user setting?...

On Thursday 17 of November 2016, Aki Tuomi wrote: > On 17.11.2016 10:14, Arkadiusz Mi?kiewicz wrote: > > Hello. > > > > dovecot 2.2.26.0 > > > > When testing nopassword extra field > > (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields) with CRAM-MD5 > > dovecot doesn't allow any password (while it should) and returns > > > >

...i Tuomi <aki.tuomi at open-xchange.com> wrote: >> # before current passbd >> passdb { >> ? driver = passwd-file >> ? args = username_format=%Lu /etc/dovecot/aliases >> } >> >> # into /etc/dovecot/aliases >> alias at user:::::::user=real_username noauthenticate >> >> This hopefully works. > This seems to work fine and I had the idea of doing something similar > for the userdb, but there it appears that the user name change doesn't > happen. > >> auth_debug=yes >> userdb { >> driver = passwd-file >&gt...

Try configuring like this: passdb { args = scheme=SHA256 username_format=%u /etc/dovecot/users driver = passwd-file } passdb { driver = static args = username=%n noauthenticate skip = authenticated } passdb { driver = pam skip = authenticated } On 05.09.2017 14:29, Pol Hallen wrote: > Sure :) thanks > > cat /var/log/dovecot/[...] > > Sep 05 13:26:02 auth: Debug: auth client connected (pid=30131) > Sep 05 13:26:02 auth: Debug: client in: AUTH...

...gt; You could try using %{original_username} in SQL. > > > > Or you can try removing the auth_username_format and instead > > > > passdb { > >?? driver = sql > >?? args = ... > > } > > passdb { > >?? driver = static > >?? args = user=%Ln noauthenticate > > # you can remove next line if you want to always normalize your usernames > >?? skip = authenticated > > } > > passdb { > >?? driver = pam > >?? args = ... > >?? skip = authenticated > > } > > > > Aki