Dovecot auth username mapping
Laz C. Peterson
laz at paravis.net
Thu Jul 2 15:07:04 UTC 2015
Ahh Peter, good call on this one!
<beating head into desk><pause><beating head into desk again><thumbs up>
So after playing around with the order of authentication in Dovecot, you are correct, the PAM timeout was causing the holdup. I guess since PAM has no way of looking up whether or not a user exists prior to authenticating, this is causing the hiccup, versus LDAP which can search for a user’s existence prior to the auth. Switching these around, I notice almost *no* degradation in performance for PAM authentications, and the LDAP authentications run smooth as I would hope them to.
Awesome, so now we have our solution! (I think.)
Gotta say, a lot of love goes out to the Dovecot community (especially Timo!) for all the inspiration and help that I’ve received. Dovecot is a great app and this community is the backbone of it all. Cheers to all!
Thanks again.
~ Laz Peterson
Paravis, LLC
Ph: 951.319.3240 x201
> On Jul 2, 2015, at 6:25 AM, Laz C. Peterson <laz at paravis.net> wrote:
>
> Peter,
>
> Yes that is a possibility. I will try disabling PAM (or switching the auth order) and see if that makes a difference. Thanks for the suggestion!
>
> ~ Laz Peterson
> Paravis, LLC
> Ph: 951.319.3240 x201
>
>> On Jul 1, 2015, at 11:34 PM, Peter Chiochetti <pch at myzel.net> wrote:
>>
>> Am 2015-07-02 um 01:41 schrieb Laz C. Peterson:
>>>
>>> I did attempt to switch the PAM/Kerberos authentication to Dovecot
>>> LDAP authentication, but now performance is unbelievably slow.
>>> Any thoughts to this?
>>
>> In case you have multiple passdb backends, it could be, that LDAP only gets its chance, after PAM did time out.
>>
>>
>> --
>> peter
More information about the dovecot
mailing list