similar to: Disable PAM

Can I disable PAM auth if all my username/password lookups are via a database connection? I would love to get rid of the following lines in my logs... Oct 17 14:32:14 auth-worker(7809): Info: pam(xxx-xxx-xxx,111.111.111.111,<sdfhgsdfgsd>): pam_authenticate() failed: Authentication failure (password mismatch?) Cheers.

It would look as though the changes have now negatively affected a "normal" user from logging in. telnet host 143 a login username password a NO [AUTHENTICATIONFAILED] Authentication failed. telnet host 143 1 login devteam*masteruser at example.com password 1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS

> On 15 Feb 2018, at 22.16, Travis Dolan <travis.dolan at gmail.com> wrote: > > It would look as though the changes have now negatively affected a "normal" user from logging in. > > > telnet host 143 > > a login username password > > > a NO [AUTHENTICATIONFAILED] Authentication failed. > > > telnet host 143 > > 1 login

Awesome, thanks for the advice. Using the following now works... passdb { driver = static args = proxy=y password=doesnotmatter } Cheers. On Feb 15 2018, at 2:40 pm, Aki Tuomi <aki.tuomi at dovecot.fi> wrote: > > On 15 February 2018 at 20:22 Travis Dolan <travis.dolan at gmail.com> wrote: > > > Hello, > > I have Director setup to proxy

> On 15 February 2018 at 20:22 Travis Dolan <travis.dolan at gmail.com> wrote: > > > Hello, > > I have Director setup to proxy requests to backend servers. This works fine > when using "standard" username/passwords. > > I am not try to enable the use of the Dovecot Master user through Director > into the backend servers. > > a.) username is

SHA512-CRYPT and PLAIN/LOGIN with SSL. ---Aki TuomiDovecot oy -------- Original message --------From: "j.emerlik" <j.emerlik at gmail.com> Date: 25/10/2017 12:07 (GMT+02:00) To: Aki Tuomi <aki.tuomi at dovecot.fi> Cc: Dovecot Mailing List <dovecot at dovecot.org> Subject: Re: Password encription What scheme and mechanism do you recommend? 2017-10-25 11:01 GMT+02:00

Or you can implement a policy server yourself. :)The protocol is not complicated, json over http. See?https://wiki.dovecot.org/Auth/Policy ---Aki TuomiDovecot oy -------- Original message --------From: Aki Tuomi <aki.tuomi at dovecot.fi> Date: 21/05/2018 19:13 (GMT+02:00) To: Marc Perkel <marc at perkel.com>, dovecot at dovecot.org Subject: Re: Dovecot blacklist?

Sorry for finnish. I think it might also work with libtool flag -static in Makefile.am LDADD flags.---Aki TuomiDovecot oy -------- Original message --------From: Aki Tuomi <aki.tuomi at dovecot.fi> Date: 05/02/2017 20:21 (GMT+02:00) To: Dovecot Mailing List <dovecot at dovecot.org> Subject: Re: Panic error from dovecot 2.2.27 using libressl 2.4.5 (cross-posting at GitHub) jos

CRAM-MD5 should not be used. Its not terribly secure. ---Aki TuomiDovecot oy -------- Original message --------From: "j.emerlik" <j.emerlik at gmail.com> Date: 25/10/2017 11:58 (GMT+02:00) To: Aki Tuomi <aki.tuomi at dovecot.fi> Cc: Dovecot Mailing List <dovecot at dovecot.org> Subject: Re: Password encription Thx Aki, with CRAP-MD5 as scheme and mechanism?

Unfortunately, I tried for weeks to figure out passdb ldap without success. I guess I'm just not knowledgeable enough about how to use ldap and Active Directory. The dovecot wiki https://wiki2.dovecot.org/AuthDatabase/LDAPm doesn't help me much. All it says is: Active Directory When connecting to AD, you may need to use port 3268. Then again, not all LDAP fields are available in port

In future release we will add master authentication too. Now you can use api key or doveadm password which are essentially same thing. ---Aki TuomiDovecot oy-------- Alkuper?inen viesti --------L?hett?j?: Peter Chiochetti <pch at myzel.net> P?iv?m??r?: 4.3.2016 20.20 (GMT+02:00) Saaja: dovecot at dovecot.org Aihe: Re: v2.2.22 release candidate released Am 2016-03-04 um 14:33 schrieb Timo

You might get better results with https://wiki.dovecot.org/HowTo/ActiveDirectoryNtlm It seems you'd have to configure OpenLDAP backend for Samba to have LDAP. Aki On 04.12.2017 02:38, Mark Foley wrote: > Unfortunately, I tried for weeks to figure out passdb ldap without success. I guess I'm just > not knowledgeable enough about how to use ldap and Active Directory. The dovecot

It's fixed in head. Sorry. ---Aki TuomiDovecot oy -------- Alkuper?inen viesti --------L?hett?j?: Eric <ebroch at whitehorsetc.com> P?iv?m??r?: 31.3.2016 18.05 (GMT+02:00) Saaja: dovecot at dovecot.org Aihe: Re: v2.2.23 released Yes. I concur. On 3/31/2016 7:44 AM, Leon Kyneur wrote: > 2.2.23 seems to have broken doveadm backup, was previously working > fine on 2.2.22 >

mj - thanks! That the first useful example I've received from any forum/list. I'm getting ready to try my config (have to do so after hours), but I have some probably simple-minded questions: Your example is not the complete dovecot-ldap.conf.ext file, right? Have you just given me differences in your config from the "original"? You've kept the hosts, base, ldap_version,

Dear all, I've been looking into hacking with some PAM modules, and thought I could learn from the OpenSSH source (it's probably the closest thing to a canonical cross-platform consumer of the API). One thing I've noticed I don't understand though is how OpenSSH's invocation of do_pam_session/setcred can work (in main of the process forked in sshd.c). Ignoring privsep for the

You forgot to cc the list. ssl_ca is used only for validating client certificates. ---Aki TuomiDovecot oy -------- Original message --------From: Marc Perkel <marc at perkel.com> Date: 21/05/2018 18:25 (GMT+02:00) To: Aki Tuomi <aki.tuomi at dovecot.fi> Subject: Re: SSL error after upgrading to 2.31 On 05/21/2018 07:54 AM, Aki Tuomi wrote:

pigeonhole 0.5.0 has been already released... ---Aki TuomiDovecot oy -------- Original message --------From: Daniel Kenzelmann <dovecot.org at k8n.de> Date: 03/01/2018 21:31 (GMT+02:00) To: Rhys Williams <lux+mailinglists at melted.me>, dovecot at dovecot.org Subject: Re: dovecot v2.3.0: imap segfault when sieve_extprograms_plugin.so ? called Hi, see the following thread:

with passdb ldap i guess. ---Aki TuomiDovecot oy -------- Original message --------From: Mark Foley <mfoley at ohprs.org> Date: 03/12/2017 21:18 (GMT+02:00) To: dovecot at dovecot.org Subject: Re: Howto authenticate smartPhone via Active Directory Yes, you are right. This link: https://www.redips.net/linux/android-email-postfix-auth/#section2 shows: passdb pam { } used for

If you need fast and timely support you can contact OX sales for an support agreement . It is somewhat impolite to except such from a public mailing list over weekend. ---Aki TuomiDovecot oy -------- Original message --------From: Michael Fox <news at mefox.org> Date: 03/07/2016 09:00 (GMT+02:00) To: Dovecot Mailing List <dovecot at dovecot.org> Subject: FW: quota-status service ???

Hi Mark, Just to let you know that we are running dovecot with AD. (and I guess: *many* people are running that combination) It worked without issues, we are using in dovecot-ldap.conf.ext: > auth_bind = yes this user/passwd filter: > = (&(objectclass=person)(sAMAccountName=%n)(!(userAccountControl=514))) > dn = cn=search_dovecit,cn=users,dc=company,dc=com > dnpass =