[Dovecot] Overlapping userdb/passdbs

Timo Sirainen tss at iki.fi
Mon Oct 29 17:22:22 EET 2012


On 26.10.2012, at 22.13, James Devine wrote:

> I have an LDAP server for which each entry includes the email address and
> the username portion of the email address for authentication.
> Authentication works by username if the username is unique among all the
> entries.  I need to now add some users which must authenticate even if the
> username is not unique.  I figured one way to do this would be to add a
> second user/pass db which puts further restrictions on the LDAP query to
> make it unique for those users.  This doesn't seem to work, however, as if
> the user is found in the first LDAP query but the password does not match,
> it does not try the second.  I would use the password as part of the query
> but this setup requires me to allow the client to hash the password.  Is
> there a way to do this?  Or maybe I am approaching the problem wrong.


You'd need to update this patch:

http://dovecot.org/patches/2.0/auth-multi-password-2.0.diff

It worked for v1.1 and maybe for v1.2. I never included it mainly because I never had time to check if it had any security issues.



