is it safe to have two backed used for the same user?

[Steffen Kaiser]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 23 Jun 2015, Steffen Kaiser wrote:
> On Tue, 23 Jun 2015, lejeczek wrote:
>
>> I wonder if it is safe (and wise) to have two passw-user databases for the
>> same one user.
>> I'm thinking,
>> mail to me via pam
>> mail to me at this.domain via ldap
>
> the first passdb wins. No problem.
>
>> whole Maildir would be essentially the same one storage target, I see
>> permissions have to be mangled, available to write for both vmail and 
>> actual
>> uid.
>
> again, the first userdb wins. Your users can auth agains pam, but the data
> may come from LDAP or a static userdb.
> If you auth agains PAM successfully, does _not_ mean that you
> automatically use system users or Dovecot changes uids or something. All
> such information come from the userdb. If both users match the same userdb
> entry, they appear the same for Dovecot.

To make it more clear:

you can have

passdb { driver = pam }
passdb { driver = ldap
   ...
}

userdb { driver = ldap
 	....
}

you do not need no userdb { driver = passwd }, unless you require user 
data from this source. Or use userdb { driver = static } instead the LDAP 
one, because you do not use LDAP attributes anyway.

- -- 
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEVAwUBVYlwA3z1H7kL/d9rAQLL6Af/SsS6K2oHv1X6DdNhCMPJrURf+IWWJQx0
pmmOHVPMLsuw3A6cQaMfxm7i3K4OdQA4CLPq2SER3Zxp98LigTLUdsHvPVfdD3x7
KHkIZ689emmmQZxJ1DXtAcu4ICu+0zdicpqaL8iOm7qlbYjLmB4TF2jTWvPpb3g4
GqiDgCrjzgyRKx0ppBRqdXMIuhtsmOyUX7qUc+TbE5C4dWs9gOllUp6haW+Am7pX
cTVA/tAxCs+mqbCbOJSEGBC8xVD0gCfyg7DevYjZSOlbCLnR+tYZxIVQt5/KSIwg
Ak0e64k9sy5wc95pZ8V49o2yaVyxkQdzEHbqlfUAuOahDTsx72yVpA==
=UvLB
-----END PGP SIGNATURE-----