similar to: Lookup master userdb used with GSSAPI causes auth-worker to report "Error: BUG: PASSL had invalid passdb ID"

With current cvs: Feb 22 14:30:32 ymmv dovecot: auth-worker(default): BUG: PASSL had invalid passdb num never seen that before.

Hi there, I've been seeing this for quite a while now, but only today finally got off my lazy you-know-what and did a backtrace. Here's the requested info as per http://dovecot.org/bugreport.html: * Dovecot version [root at airframe]:~# dovecot --version 1.0.3 * Operating system or Linux distribution name Slackware 10.2, both kernel 2.6.21.3 and dovecot self-compiled * CPU

Hi, I try to configure a proxy accepting GSSAPI and PLAIN authentication. When authenticating with Kerberos, Dovecot uses master user and password to authenticate to backends (backends can be Cyrus or Exchange servers too) When authenticating with PLAIN passwords, Dovecot sends user's login and password to the backend. For GSSAPI, I use extrafields : k5principals=principal at REALM proxy=Y

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> If your dovecot is recent enough you can use mechanisms setting on passdb block. See https://doc.dovecot.org/configuration_manual/authentication/password_databases_passdb/ <br> </div> <blockquote type="cite"> <div>

The attached patch makes it possible for Kerberos principals to be associated with a password database entry by adding a new "k5principals" passdb setting. A client that successfully authenticates using GSSAPI will be able to log in as any user who has been associated with the client's Kerberos principal. This means that users can now use their Kerberos identities to access virtual

Hello, just want to report a slightly confusing log entry on auth-debug level I have encountered while setting up Kerberos auth. Users are stored in ldap, Kerberos makes use of the same ldap as its backend, goal was to enable users to use their principals in addition to simple login with mailAddress/userPassword combination. Sample entry relevant attrs: --- mailAddress: sn.gn at example.com

After a over a year and a half struggling to get Dovecot to do either NTLM or GSSAPI authentication with Samba4 AD/DC, I believe I've finally got it! Thanks to all those in this list who helped: Jan Jurkus, Edgar Pettijohn, Gregory Sloop, Tom Talpey especially Aki Tuomi; and infinite thanks to Achim Gottinger on the SambaList for his patience in working this through with me. Although my

Hi, I'm testing/using dovecot as imap proxy, passdb/userdb as passwd-like-file. It seems to function as expected (1). This setup is described in the wiki in AuthSpecials. But I also noticed in the documentation (ImapProxy / FeatLoginProxy pages) that the proxy feature only works with a sql passdb. Maybe I did something strange, but passwd-like-passdb does work..... So I have some

Hello Is it possible to setup double backend ? ldap for auth only and SQL for userdb information(quota,maildir etc) ? Now I'm using SQL backend and configuration looks like this: passdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } userdb { driver = prefetch } userdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } Can I do something like: passdb { driver = sql args

Hello Timo, I've noticed that when slapd which I'm using as the passdb and the prefetched userdb is restarted I have to restart dovecot. As a matter of fact, if I don't, I get the following error : -- Jul 2 16:38:39 xxxx dovecot: imap-login: Internal login failure: user=<xxxx>, method=PLAIN, rip=xxx.xxx.xxx.xxx, lip=xxx.xxx.xxx.xxx, TLS Jul 2 16:38:46 xxxx dovecot:

On Fri, 2009-03-13 at 16:18 -0700, Shane W wrote: > The problem may be the shane@ bit. If I delete the sql > entry, the lookup just shows 'shane'. I'm not loging in > with @ but my query does use the username,domain syntax for > instances of virtual users which don't use passwd userdb: > select username,domain,password from users > WHERE username = '%n'

Hi, I've been running some performance tests - especially delivery (LDA and LMTP) and it seems there's room for improvement. At least it would be nice to get rid of the fork() and pipe to deliver LDA and the fork of the checkpasswd script for userdb lookup. I've tried LMTP to not fork deliver (*), but checkpasswd still takes time (ok, maybe because it's written on perl as of

Hi, I was wondering if any work had been made (out of tree) or has been planned for a mongo driver? If not is it something that would be of any interest for being included? Regards, Damien

Dear all, We are getting closer to the migration of our mailsystem. Now I have a special question. We are successfully using passdb { driver = pam } and that is good. Now, how would I tell dovecot to proxy certain users (the ones not yet migrated) to the old server? My attempts to configure an additional userdb failed since this seems to override the passdb setting. Grateful for any

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 27 May 2014, Kristof Bajnok wrote: > in my current setup, LDAP authentication + userdb works fine. > > I'd like to integrate Dovecot with Shibboleth. I have a custom module at > the IdP (*) that inserts short-time tokens to an SQL table at user > authentication, and I want Dovecot to use the token table for passdb but >

hi everybody. I wonder if such a scenario is possible. if yes would I configure multiple passdb using ldap driver or within one clause set up multiple args? How would this work? many thanks P.

On 02/17/2015 04:03 PM, lejeczek wrote: > hi everybody. > > I wonder if such a scenario is possible. > if yes would I configure multiple passdb using ldap driver > or within one clause set up multiple args? How would this work? Did you read http://wiki2.dovecot.org/Authentication/MultipleDatabases? Regards, Pascal -- The trapper recommends today: face1e55.1504802 at

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 18 Feb 2015, lejeczek wrote: > On 17/02/15 19:36, Pascal Volk wrote: >> On 02/17/2015 04:03 PM, lejeczek wrote: >>> hi everybody. >>> >>> I wonder if such a scenario is possible. >>> if yes would I configure multiple passdb using ldap driver >>> or within one clause set up multiple args?

On 04/10/2015 05:59 AM, Jeroen Massar wrote: > > This can be resolved by commenting out the entries in > auth-system.conf.ext but then I'll have to do that again at package > upgrade time. Comment out the !include auth-system.conf.ext line in 10-auth.conf. > > Hence, would it be a cool option to be able (in the 99-myconfig.conf) > file to put: Actually you mean

On Sex, 10 Abr 2015, Jeroen Massar wrote: > Though indeed simpler than commenting out multiple lines, that file also > gets replaced by a package upgrade. > > Hence does not solve the 'can just upgrade silently' issue. If the file is unchanged then, yes, it gets replaced on upgrades. If it has local changes, however, you'll get a prompt asking what you want to do (keep