similar to: Proxy GSSAPI + PLAIN authentication

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> If your dovecot is recent enough you can use mechanisms setting on passdb block. See https://doc.dovecot.org/configuration_manual/authentication/password_databases_passdb/ <br> </div> <blockquote type="cite"> <div>

> On 15 Feb 2018, at 22.16, Travis Dolan <travis.dolan at gmail.com> wrote: > > It would look as though the changes have now negatively affected a "normal" user from logging in. > > > telnet host 143 > > a login username password > > > a NO [AUTHENTICATIONFAILED] Authentication failed. > > > telnet host 143 > > 1 login

Awesome, thanks for the advice. Using the following now works... passdb { driver = static args = proxy=y password=doesnotmatter } Cheers. On Feb 15 2018, at 2:40 pm, Aki Tuomi <aki.tuomi at dovecot.fi> wrote: > > On 15 February 2018 at 20:22 Travis Dolan <travis.dolan at gmail.com> wrote: > > > Hello, > > I have Director setup to proxy

I have very strange problem with masteruser. See two logs below: # telnet localhost 143 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Welcome to our post server! x login nevorotin password x OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE SORT

The attached patch makes it possible for Kerberos principals to be associated with a password database entry by adding a new "k5principals" passdb setting. A client that successfully authenticates using GSSAPI will be able to log in as any user who has been associated with the client's Kerberos principal. This means that users can now use their Kerberos identities to access virtual

> On July 11, 2017 at 11:50 AM azurit at pobox.sk wrote: > > > > Cit?t azurit at pobox.sk: > > > Cit?t Aki Tuomi <aki.tuomi at dovecot.fi>: > > > >>> On July 10, 2017 at 1:45 PM azurit at pobox.sk wrote: > >>> > >>> > >>> > >>> Cit?t Aki Tuomi <aki.tuomi at dovecot.fi>: > >>> >

> On 28 Sep 2017, at 23.08, Computerisms Corporation <bob at computerisms.ca> wrote: > > Hi Sami, > > Thank you for your reply. >> yes you do need to define imapc_user if you want to switch user and master user around for imapc. like: >> imapc_user = authapps >> imapc_master_user = %u >> without imapc_user dovecot would login to the secondary server

Hi Sami, Thank you for your reply. > yes you do need to define imapc_user if you want to switch user and master user around for imapc. like: > > imapc_user = authapps > imapc_master_user = %u > > without imapc_user dovecot would login to the secondary server like A bob.test*bob.test password When I add the 'imapc_user = authapps' option to the primary instance

Greetings to all I need a masteruser/proxy account for some applications to be implemented and i am having some problems. Normal users are proxyied through ldap queries to the remote machine and this is working like it sopose to, but i can't make the master user to work. Below are both the dovecot.conf and dovecot-ldap.conf and verbose logs on the proxy machine. If i log directly on the

Hi folks, We're looking to integrate our telephone system with our email system. The telephone system will use IMAP4 to store WAV files in a users mailbox and then retrieve them for playing if necessary. This is usually called "unified messaging". The manufacturers are claiming full integration with Microsoft Exchange and Lotus Notes using IMAP4 and a single username and

Hello to everybody, I'm in the process of setting up test mail server (Ubuntu 19.10 amd64 running as VM under Hyper-V) and got stuck on configuring master user authentication. I use GSSAPI authentication in parallel with PLAIN/LOGIN (pam backend that authenticates against my Active Directory domain) and this works as intended. I then tried adding simple static master passdb that simply

> On 12 Jul 2017, at 15.46, Rick Romero <rick at havokmon.com> wrote: > This is awesome, as I was just contemplating how to maintain persistence with 2FA. > Is it possible to use a passdb based on remote ip? There's a username_filter, but I want to use a master password for webmail (which will use 2FA via Radius), and those IPs are known and non-routable. passdb { driver =

On 03/22/2018 09:34 AM, Aki Tuomi wrote: > I have no idea*WHY* it is required by SOGo. It does not make sense. Well, the thing is: SOGo has this ability to behave like a *real* exchange server, as if it's running on a windows server. And this enables Outlook to connect to it like it would to an exchange server. (so: not in imap mode, and not using regular username/password

Hello, Please somebody suggest me how to remove the "*masteruser" appendix from the dovecot director database while using masteruser authentication. My situation is: - all users get authenticated in LDAP on the dovecot-director frontend - then they are forwarded to dovecot backend as username*masteruser ( this is a way how to proxy users with encrypted passwords). To enable it a added

Hello, just want to report a slightly confusing log entry on auth-debug level I have encountered while setting up Kerberos auth. Users are stored in ldap, Kerberos makes use of the same ldap as its backend, goal was to enable users to use their principals in addition to simple login with mailAddress/userPassword combination. Sample entry relevant attrs: --- mailAddress: sn.gn at example.com

This is probably quite an easy question, but I haven't been able to find the answer. I'm running a server where all the email addresses are in the format "user at domain.com". I've noticed that a large number of fake login attempts use the format "user" eg. reception, service, root, admin. Is it possible to prevent any such logins to these email users without an

After a over a year and a half struggling to get Dovecot to do either NTLM or GSSAPI authentication with Samba4 AD/DC, I believe I've finally got it! Thanks to all those in this list who helped: Jan Jurkus, Edgar Pettijohn, Gregory Sloop, Tom Talpey especially Aki Tuomi; and infinite thanks to Achim Gottinger on the SambaList for his patience in working this through with me. Although my

a "masteruser" login fails: Oct 8 15:12:54 postamt dovecot: auth: Debug: auth(masteruser,141.42.206.38,master): Master user lookup for login: nonworkinguser Oct 8 15:12:54 postamt dovecot: auth: passdb(masteruser,141.42.206.38,master): Master user logging in as nonworkinguser Oct 8 15:12:54 postamt dovecot: auth: Debug: cache(nonworkinguser,141.42.206.38): expired Oct 8 15:12:54

Thank you, How and where ? I configured only this: cat /Library/Server/Mail/Data/shared/shared-mailboxes * user=masteruser lr masteruser is ok for all masters (mailmaster) ? Luda > Am 09.04.2019 um 09:33 schrieb Aki Tuomi <aki.tuomi at open-xchange.com>: > > Hi! > > You need to grant the master user rights in your ACL file. > > Aki -------------- next part

Quoting Aki Tuomi <aki.tuomi at dovecot.fi>: >> On July 11, 2017 at 11:50 AM azurit at pobox.sk wrote: >> >> Cit?t azurit at pobox.sk: >> >> Cit?t Aki Tuomi <aki.tuomi at dovecot.fi>: >> >> On July 10, 2017 at 1:45 PM azurit at pobox.sk wrote: >> >> Cit?t Aki Tuomi <aki.tuomi at dovecot.fi>: >> >> On July 10, 2017