Displaying 15 results from an estimated 15 matches for "orig_us".
Did you mean:
orig_ns
2014 Mar 27
0
%{orig_user} missing in checkpassword-Script
...blem is: the AUTH_USER variable will either contain the username that
was configured in the mailclient (if auth_ssl_username_from_cert=false) or
the username from the certificate (if auth_ssl_username_from_cert=true).
I would like to compare both values, i.e. the %{user} Dovecot-variable and
the %{orig_user} Dovecot-variable. But the environment of a
checkpassword-script has only one of them.
Any ideas?
I tried to change the source and found the routine where all the AUTH_xxx
environment variables are created. But the %{orig_user] variable was empty
at that point, so no AUTH_ORIG_USER variable is...
2014 May 03
1
%{orig_user} missing in checkpassword-Script
...AUTH_USER environment
variable will either contain the username that was configured in the
mailclient (if auth_ssl_username_from_cert=false) or the username
from the certificate (if auth_ssl_username_from_cert=true).
I would like to compare both values, i.e. the %{user} Dovecot-variable
and the %{orig_user} Dovecot-variable. But the environment of a
checkpassword-script has only one of them.
I tried myself and found the following:
- the environment of a checkpassword script is setup by
checkpassword_setup_env() in db-checkpassword.c
- checkpassword_setup_env() calls env_put_auth_vars()
- env_put_a...
2001 Apr 20
0
Fudging domain support - samba 2.2.0
...ngr.USask.CA
-------------- next part --------------
*** orig/samba-2.2.0/source/smbd/reply.c Thu Apr 12 22:09:39 2001
--- samba-2.2.0/source/smbd/reply.c Wed Apr 18 15:59:55 2001
***************
*** 616,623 ****
if(lp_security() != SEC_DOMAIN)
return False;
! if (!check_domain_match(orig_user, domain))
! return False;
ret = domain_client_validate(orig_user, domain,
smb_apasswd, smb_apasslen,
--- 616,625 ----
if(lp_security() != SEC_DOMAIN)
return False;
! if (!check_domain_match(orig_user, domain)) {
! DEBUG(0,("Do...
2016 Jun 16
2
Recipient delimiter and lmtp proxying
...ng director to hash to the same backend
as pop3/imap. My pop3/imap users are of the form:
username
and my lmtp users are of the form:
<username at domain>
Where domain is fairly redundant but does carry some useful information.
Now, I can proxy lmtp using user=%{username} and
destuser=%{orig_user}, and this all appears to work correctly.
However, if I also try to pass a detail part through to the backend the
lmtp users now take the form:
<username+detail at domain>
I can still use user=%{username}
with recipient_delimiter = +, and the detail is correctly stripped,
hashing work...
1998 Jul 13
1
password server problem
We are using samba with a NT4.0 Primary Domain Controller as a samba password
server.
Logon validation on the primary domain controller works fine, the NT machine
validates the user password.
BUT: On the NT PDC the event log shows numerous entries saying:
Unknown user or wrong password
Did anybody experience this too ????
Rainer von Bongartz
/D/I/L/
rainer.von-bongartz@dil.de
1998 Jun 19
1
SAMBA 1.9.18p8, username map, server security
I have a problem with new version (1.9.18p8) of SAMBA and username
mapping.
Configuration:
WindowsNT 4.0 Workstation + SP1
WindowsNT domain - NTEP01 is PDC
Digital UNIX 3.2C
Username on NT:
Babor
Username on UNIX:
baborl
In SMB.CONF I have following lines:
[global]
security = server
password server = NTEP01
username map = /usr/local/samba/lib/username.map
username.map:
baborl = babor
2018 Mar 26
1
destuser setting useless on LMTP proxy
I tried setting the "destuser" setting on the LMTP director as follows, to preserve the original envelope rcpt:
protocol lmtp {
auth_socket_path = director-userdb
passdb {
driver = ...
override_fields = destuser=%{orig_user}
}
}
The passdb driver would return the appropriate "user" for each alias. Suppose, for example, user1 has emails user1 at domain.tld, but also alias1 at domain.tld.
Now, it turns out that setting the destuser *changes* the backend. It seems that when the passdb returns "destu...
2013 Sep 25
2
v2.2.6 released
...blic/shared namespace has a shared subscriptions file for
all users, don't list subscription entries that are not visible to
the user accessing it.
+ doveadm: Added "auth lookup" command for doing passdb lookup.
+ login_log_format_elements: Added %{orig_user}, %{orig_username}
and %{orig_domain} expanding to the username exactly as sent by
the client (before any changes auth process made).
+ Added ssl_prefer_server_ciphers setting.
+ auth_verbose_passwords: Log the password also for unknown users.
+ Linux:...
2013 Sep 25
2
v2.2.6 released
...blic/shared namespace has a shared subscriptions file for
all users, don't list subscription entries that are not visible to
the user accessing it.
+ doveadm: Added "auth lookup" command for doing passdb lookup.
+ login_log_format_elements: Added %{orig_user}, %{orig_username}
and %{orig_domain} expanding to the username exactly as sent by
the client (before any changes auth process made).
+ Added ssl_prefer_server_ciphers setting.
+ auth_verbose_passwords: Log the password also for unknown users.
+ Linux:...
2014 May 01
0
Problems with login_log_format (possible bug?)
...http://wiki2.dovecot.org/Variables, this should record for
user at REALM when seeing the following
Apr 30 18:08:40 TeaSet dovecot: auth: Debug:
auth(user,...,<JhKid0v4bAAKAQG6>): username changed user -> user at REALM.
If I wanted just user, user=<%u> should be changed to user=<%orig_user>.
However, I only get user not user at REALME in imap-login log lines.
I wouldn't mind this, but auth_username_format cannot be used in
passed{} and I haven't been able to get pam_krb5 to uppercase the realm
for it alone. (Everything else depends on it being lowercase.) I can
make th...
2013 Aug 26
1
Logging pre-rewrite user ID for application-specific passwords
I have set up Dovecot v2.2.5 with application-specific passwords, along the lines of this blog post (http://www.dgsiegel.net/news/2013_05_21-application_specific_passwords_for_dovecot).
My users file looks like:
user-foo:{BLF-CRYPT}$2...:42:42::/home/user::allow_nets=127.0.0.1/32 user=user
user-bar:{BLF-CRYPT}$2...:42:42::/home/user::user=user
user:{BLF-CRYPT}$2...:42:42::/home/user::nologin
In
2017 Jun 23
1
acl shared maildir with virtual users
...e 6.9 (Final)
auth_cache_size = 1 M
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login
auth_policy_hash_mech = sha512
auth_policy_hash_nonce = 78204771
auth_policy_hash_truncate = 64
auth_policy_request_attributes = auth_database=mail database=mail service=dovecot username=%{orig_user} authtoken_hash=$0$0$%{hashed_password} local_host=%{real_lip} local_port=%{real_lport} remote_host=%{real_rip} remote_port=%{real_rport}
auth_policy_server_api_header = X-API-Key:dovecot:xxxxxxxxxxxx
auth_policy_server_timeout_msecs = 3000
auth_policy_server_url = http://127.0.0.1:579/dovecot-au...
2010 Feb 13
3
problem with deliver segfaulting
i'm facing a pretty hard to debug problem when trying to use
dovecot LDA (deliver) from postfix. After having all configured, mail
deliver fails. This is from my maillog:
Feb 12 21:27:54 correio postfix/pipe[12484]: 930F9F6105:
to=<solutti at domain.com.br>, relay=dovecot, delay=0.21,
delays=0.03/0.01/0/0.18, dsn=4.3.0, status=SOFTBOUNCE (Command died with
signal 11:
2003 Dec 01
0
No subject
...reply.c
--- reply.c 8 Sep 2001 02:59:23 -0000 1.331
+++ reply.c 11 Sep 2001 02:45:02 -0000
@@ -776,7 +776,8 @@
add_session_user(user);
if (!guest) {
- valid_password = NT_STATUS_IS_OK(pass_check_smb(user, domain,
+// stj
+ valid_password = NT_STATUS_IS_OK(pass_check_smb(orig_user, domain,
(unsigned char *)smb_apasswd,
smb_apasslen,
(unsigned char *)smb_ntpasswd,
Tim Potter wrote:
>Andrew Bartlett writes:
>
>[...]
>
>>>It seems a bit confusing at the moment...
2017 Oct 10
2
Issue with mailbox conversion using dsync in v2.2.32 (maildir <-> mdbox)
...x86_64 x86_64 CentOS Linux release 7.4.1708
(Core)
auth_cache_size = 819 M
auth_mechanisms = plain login
auth_policy_hash_mech = sha512
auth_policy_hash_nonce = 85979662
auth_policy_hash_truncate = 64
auth_policy_request_attributes = auth_database=mail database=mail
service=dovecot username=%{orig_user}
authtoken_hash=$0$0$%{hashed_password} local_host=%{real_lip}
local_port=%{real_lport} remote_host=%{real_rip} remote_port=%{real_rport}
auth_policy_server_api_header = X-API-Key:dovecot:4FR0BN8IWTpSnB42
auth_policy_server_timeout_msecs = 3000
auth_policy_server_url = http://127.0.0.1:579/dov...