similar to: %{orig_user} missing in checkpassword-Script

I have recently begun playing with Dovecot (1.0.beta8) and have run into an interesting scenario. The way my email system is set up is that users of different domains have completely different base dn's. For instance, if a user is part of test.com the bind dn would be uid=user,ou=People,dc=test,dc=com. The bind dn for user at domain.com would be uid=user,ou=People,dc=domain,dc=com. I

Hi everybody, I'm using SSL client certificates or checkpassword scripts to authenticate our users. If a user sent a client certificate from his smartcard my checkpasswort will ignore the password, if he does not sent a client certificate but uses his OTP-token then my checkwassword script will check wether the password is a correct one time password. My problem is: the AUTH_USER variable

Hi; There is likely a supported way around this problem, but it wasn't immediately apparent to me. So, I created the enclosed patch to fix my problem. What I would like to do is the following: - run samba in "security = domain" - not use trusted domains, but allow people to connect from other domains - not maintain a local encrypted password file for samba, but instead use our

Will %{original_username} set %d as well? Sent from my Sprint Samsung Galaxy S8+. -------- Original message --------From: Aki Tuomi <aki.tuomi at dovecot.fi> Date: 7/13/17 12:34 AM (GMT-06:00) To: Dovecot List <dovecot at dovecot.org>, Larry Rosenman <larryrtx at gmail.com> Subject: Re: System users lookup via PAM: strip the domain name? > On July 13, 2017 at 4:27 AM

Hi, I'm attempting to proxy lmtp using director to hash to the same backend as pop3/imap. My pop3/imap users are of the form: username and my lmtp users are of the form: <username at domain> Where domain is fairly redundant but does carry some useful information. Now, I can proxy lmtp using user=%{username} and destuser=%{orig_user}, and this all appears to work correctly.

Is the %Ln on the 2nd passdb supposed to be a %Lu? Sent from my Sprint Samsung Galaxy S8+. -------- Original message --------From: Aki Tuomi <aki.tuomi at dovecot.fi> Date: 7/13/17 4:43 AM (GMT-06:00) To: Dovecot List <dovecot at dovecot.org>, Larry Rosenman <larryrtx at gmail.com> Subject: Re: System users lookup via PAM: strip the domain name? No. It's just a

Ok,, I was half awake when I typed that ? Sent from my Sprint Samsung Galaxy S8+. -------- Original message --------From: Aki Tuomi <aki.tuomi at dovecot.fi> Date: 7/13/17 6:19 AM (GMT-06:00) To: Dovecot List <dovecot at dovecot.org>, Larry Rosenman <larryrtx at gmail.com> Subject: Re: System users lookup via PAM: strip the domain name? No it's intentionally %Ln to

We are using samba with a NT4.0 Primary Domain Controller as a samba password server. Logon validation on the primary domain controller works fine, the NT machine validates the user password. BUT: On the NT PDC the event log shows numerous entries saying: Unknown user or wrong password Did anybody experience this too ???? Rainer von Bongartz /D/I/L/ rainer.von-bongartz@dil.de

I have a problem with new version (1.9.18p8) of SAMBA and username mapping. Configuration: WindowsNT 4.0 Workstation + SP1 WindowsNT domain - NTEP01 is PDC Digital UNIX 3.2C Username on NT: Babor Username on UNIX: baborl In SMB.CONF I have following lines: [global] security = server password server = NTEP01 username map = /usr/local/samba/lib/username.map username.map: baborl = babor

Hi help is preciated, PROBLEM The dovecot-ldap.conf of "proxy server A" is working when the "host" attribute is the FQDN of other server: pass_attrs = uid=user,userPassword={SSHA}password,\ =proxy_maybe=,maildrop=host,=port=143,=destuser=%u,=starttls=any-cert pass_filter = (&(objectClass=posixAccount)(uid=%u)) CASES When the "host" attribute is the

I tried setting the "destuser" setting on the LMTP director as follows, to preserve the original envelope rcpt: protocol lmtp { auth_socket_path = director-userdb passdb { driver = ... override_fields = destuser=%{orig_user} } } The passdb driver would return the appropriate "user" for each alias. Suppose, for example, user1 has emails user1 at domain.tld,

Hi. I'm using dovecot 1.1.14 with pgsql. I tried to configure dovecot to get the domain part in user_query by specifying different variants of auth_username_format variable such as %Lu, %Lu@%Ld, %Lu-at-%Ld and so on... So dovecot gets domain part in password_query, but not in user_query. I noticed the username is changed like this: kostas at mgupb.net->kostas in log. For some reason it

http://dovecot.org/releases/2.2/dovecot-2.2.6.tar.gz http://dovecot.org/releases/2.2/dovecot-2.2.6.tar.gz.sig I didn't have time to look into the latest reported dsync replication bugs, but this release should have been done a long time ago already and I'm busy for next few days, so no more waiting. Things seem to be working quite well in general though. * acl: If public/shared

http://dovecot.org/releases/2.2/dovecot-2.2.6.tar.gz http://dovecot.org/releases/2.2/dovecot-2.2.6.tar.gz.sig I didn't have time to look into the latest reported dsync replication bugs, but this release should have been done a long time ago already and I'm busy for next few days, so no more waiting. Things seem to be working quite well in general though. * acl: If public/shared

Dear reader, we are using dovecot 2.2.7 and like it very much. Authentication is done via a checkpassword program that does two things: 1) check wether the client has connected via SSL using a client certificate 2) check wether the client is using a one time password generator Most of our users are using certificates that we have created ourself. These certificates contain a

login_log_format = %$: %s login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c session=<%{session}> These are the defaults, at least on a Fedora system. According to http://wiki2.dovecot.org/Variables, this should record for user at REALM when seeing the following Apr 30 18:08:40 TeaSet dovecot: auth: Debug: auth(user,...,<JhKid0v4bAAKAQG6>): username

I have set up Dovecot v2.2.5 with application-specific passwords, along the lines of this blog post (http://www.dgsiegel.net/news/2013_05_21-application_specific_passwords_for_dovecot). My users file looks like: user-foo:{BLF-CRYPT}$2...:42:42::/home/user::allow_nets=127.0.0.1/32 user=user user-bar:{BLF-CRYPT}$2...:42:42::/home/user::user=user user:{BLF-CRYPT}$2...:42:42::/home/user::nologin In

I have a need for the following: Real system users in /etc/{passwd,shadow} (actually PAM on FreeBSD) wirhOUT @domain in /etc/passwd Virtual Users in SQL (with full user at domain in the DB) When I have auth_username_format = %Ln I can?t auth the Virtual Users, and if I have auth_username_format = %Lu I can?t auth System users. Is there a compromise somewhere? Current doveconf ?n

Can anyone point out where i'm going wrong with my dovecot sharedinbox setup with ACL i'm contemplating giving up with dovecot alltogether i've spent 3 days trying different paths to the virtual users mailboxes I seem to have two issues my acls are getting written to my sql db fine in roundcube i can see the shared folder but cant subscribe to it in thunderbird if i go to

i'm facing a pretty hard to debug problem when trying to use dovecot LDA (deliver) from postfix. After having all configured, mail deliver fails. This is from my maillog: Feb 12 21:27:54 correio postfix/pipe[12484]: 930F9F6105: to=<solutti at domain.com.br>, relay=dovecot, delay=0.21, delays=0.03/0.01/0/0.18, dsn=4.3.0, status=SOFTBOUNCE (Command died with signal 11: