[Dovecot] Using ldap and pam
Bo Lynch
blynch at ameliaschools.com
Tue Aug 6 16:11:34 EEST 2013
On Tue, August 6, 2013 9:04 am, Steffen Kaiser wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Tue, 6 Aug 2013, Bo Lynch wrote:
>
>>>> passdb pam {
>>>> }
>>>> passdb ldap {
>>>> args = /etc/dovecot-ldap.pass
>>>> }
>
>> Is it possible to have 2 auth methods? Meaning if user and passwd does
>> not
>> match in pam then go with ldap?
>
> as far as I know, if PAM returns "no such user", the next passdb is tried.
> If PAM returns "password mismatch", it chains to next passdb.
>
> BTW: Dovecot also caches passwords, maybe you are hit by it?
>
> - --
In the logs I am seeing
dovecot: Aug 06 09:08:45 Info: auth(default): ldap(blynch,69.21.103.133):
pass search: base=dc=ameliaschools,dc=com scope=subtree
filter=(&(objectClass=posixAccount)(uid=blynch)) fields=uid, userPassword
dovecot: Aug 06 09:08:45 Info: auth(default): ldap(blynch,69.21.103.133):
result: uid(user)=blynch
dovecot: Aug 06 09:08:46 Info: auth(default): client out: FAIL 1
user=blynch temp
and
dovecot: Aug 06 09:08:48 Error: auth(default): ldap(blynch,69.21.103.133):
No password in reply
More information about the dovecot
mailing list