similar to: Excluding some system users after configuration

Hello. Tried search, no luck, sorry, if this is already answered, but I'm still looking a solution using pam_auth how to define in dovecot which user can access which protocol, for example, default is: protocols = pop3 pop3s imap imaps I'd like to use something like this: exclude_using_pop = user1, user2, @group exclude_using_pops = user1, user2, @group exclude_using_imap = user1,

Hi, I'm trying to config dovecot to enable IMAP protocol only for certain IPs and users. The logical steps I've followed are: 1. If a user is trying to login from an IP that I've authorized ( listed in a file) the request is authorized. 2. If not, if the user is listed in a second file the request is authorized. 3. If also this check fails the request is rejected. I'm using PAM

Thank for your answer: But i dont know understand why is following not working: I want to restrict the ssh access for a special domain member: In my "sshd_config" i added: AllowGroups restrictaccess root With user2 im able to login via ssh! log: pam_krb5(sshd:auth): user user2 authenticated as user2 at ROOTRUDI.DE With user1 im not! log: User user1 from 192.168.0.100 not allowed

Hello, my enviroment: All Servers are Ubuntun 16.04-18.04 SAMBA AD DC Server and several SAMABA DOMAIN MEMBER (connected via WINBIND). In ADDC I've created a group "restrictaccess" and added some users. Now when im typing "id <username>" on a Domain Member, for some users the group "restrictaccess" are listed for some not! For example: ON DC: #

Hi, I'm trying to use pam_listfile.so to deny logins from all others but few users (names in /etc/loginusers). With password authentication it works fine, but with public key authentication OpenSSH lets in users whose names arent't in /etc/loginusers. AllowUsers in sshd_config does what one would expect. I'm using OpenSSH-3.0.2p1 on Debian testing (package version 1:3.0.2p1-6)

Hi, I'm trying to control access to different services on an Debian server using /etc/group. So that a user I create for FTP usage doesn't fill up my server with IMAP folders or samba garbage. Services like proftpd have: "AllowGroup ftpgroup" sshd have "AllowGroups sshgroup" And samba have "valid users = @smbgroup" But I can't find the correct

Hi, I'm wondering if it's possible to have some users restricted to only login via POP3 or only IMAP (likewise for IMAPS/POP3S). Returning a particular field with the userdb sql query (protocols=imaps did not work), perhaps setting up a different passdb? Is this possible with dovecot? -Adam

I''m guessing this is a common use case, but I wasn''t able to find anything in the site FAQ. We''re looking at using Puppet on about 100 servers to control which user groups have access to which servers. The use case is as follows: We have Groups of servers, for example: CUSTOMERservers (serverA, serverB, ...,serverK) ADMINISTRATIVEservers

Hi All, I am using samba-common-3.0.10-1.4E.9 on a RHEL4_U4 x86 machine. The ADS server is WS03 sp1 running in Windows Server 2003 interim mode. In general thing are working well. However, when winbind caching is enabled (default), group membership does not appear to update, i.e. "wbinfo -r bob" and "groups bob" don't reflect changes in ADS group membership.

Hey guys, Is it possible to deny a user on POP or IMAP! For example, on the primary server we use POP3 and IMAP but how I can force a user to use POP3 and be unable to authenticate on IMAP ? Thanks Sebastien

Hello list, I have found imap_allowed option in dovecot which do exactly what I need, for imap. Is there something similar for pop3 protocol? The main goal for it - is to enable pop3 access to specific users. Or maybe dovecot have some 'pop3=yes' or 'imap=no' args to userdb/passdb sections ? I know future dovecot 2.* versions will support rewriting for protocols, but this is

Is there a way to restrict my user logins from a set of IPs? For example, all my users are in the US so there shouldn't be any logins from other countries. Can I tell dovecot to restrict logins to a CIDR list of US IPs? Can someone point me to docs on how to set this up? I've searched but haven't found how to accomplish this. Thanks, -Terry Terry Barnum digital OutPost

I'd like to toss a feature request on the table for consideration. We currently use a different popd because of a feature that allows us to restrict pop access based upon an allowed users list. This is the only thing that keeps us from using the popd in dovecot currently. It's a simple text file of usernames that are allowed to use pop, if the name isn't in that list then pop

On 2016-05-18 11:52, Aki Tuomi wrote: > On 18.05.2016 12:44, Tom Sommer wrote: >> I'm trying to lock down a maildir from modifications using >> dovecot-uidlist.lock, but when a user with mailbox.auto = create logs >> in, then the folder is created regardless of dovecot-uidlist.lock >> existing or not. >> >> Is there no way to prevent dovecot from

I have some users that I will not allow to use POP3 thru my system, but force them to use webmail. Would it be possible to put an extra option in dovecot.conf to force this: # ----------------------------------------------------------------- # Logon processes # user = <username>,<password> # ----------------------------------------------------------------- user =

Hello, I have all userdata in a ldapserver. Every user has the right to use pop3. There is no explicit attribute allowing that. It's simply possible. Now I like to add imap. For a starting period I like to restrict, who may use imap. http://wiki2.dovecot.org/Authentication/RestrictAccess mention a solution where I could modify ldap pass_filter. But that require an attribute

Thanks Benny. I should've said I saw AllowNets but in researching it looked like it expected a smaller comma separated list, not hundreds of IP blocks. Is that what you are using to accomplish this? Thanks, -Terry iPhone says Hello World! > On Sep 16, 2015, at 6:31 PM, Benny Pedersen <me at junc.eu> wrote: > > Terry Barnum skrev den 2015-09-17 02:32: > >> I've

Hello, I have a problem to which I have not been able to find a solution by myself or online. I have Dovecot running together with Qmail on a CentOS server. I need to be able to control which users are allowed IMAP access and at the same time allow IMAP access for all users when the requests are coming from a specific IP. My problem has two parts, detailed below.

Hi folks, I can't seem to log into my system via vsftpd. All other services using PAM are fine...Am I missing something simple? ftp> user (username) user 331 Please specify the password. Password: 530 Login incorrect. # getenforce Permissive here is the event in /var/log/audit/audit.log: type=USER_AUTH msg=audit(1247235151.569:9781): user pid=21052 uid=0 auid=0

This is my error message: make[2]: Entering directory `/home/jrt/wine-20041019/dlls/kernel' /usr/local/bin/gcc -c -I. -I. -I../../include -I../../include -D__WINESRC__ -D_KERNEL32_ -DETCDIR="\"/usr/local/etc\"" -D_REENTRANT -fPIC -Wall -pipe -mpreferred-stack-boundary=2 -fno-strict-aliasing -gstabs+ -Wpointer-arith -I/usr/local/ssl/include -I/usr/gnome2/include