Double variable expansion / multiple password mechanisms
Steffen Kaiser
skdovecot at smail.inf.fh-brs.de
Fri Jun 17 10:21:04 UTC 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tue, 14 Jun 2016, Leon Kyneur wrote:
> For each user Store supported password schemes as LDAP attributes:
> userPasswordCRAM-MD5: {CRAM-MD5}xxx
> userPasswordDIGEST-MD5: {DIGEST-MD5}xxxx
> userPasswordSCRAM: {SCRAM-SHA-1}xxxx
> userPasswordNTLM: {NTLM}xxxx
>
> then:
> =password=%{ldap:userPassword%m} <- Though this doesn't work.. just wondering
> if it could possibly work or if I should give up on this crazy idea :)
did you've tried:
userPassword%m=password
but I assume that these scripts are pulled in before %m is known.
You could try to add one *auth* entry per mechanism and per person:
mechanism=CRAM-MD5,uid=user,...
and user mechanism=%m in the filter
- --
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEVAwUBV2PPEHz1H7kL/d9rAQKxpwf+OOBqCUMT8pMuh6k9g/st2jojEigJIPue
deo2QDfhYnAf5qz7IlCT0DjE3JuCktMAsZX2jtDe2Y0/wHgclKg+graS70aitMjV
5uttJM9llUuVtd1NFV3Qk/w/RqBtrksWozfmkcAlJVrtgQjnOqwHpgP08ZFfbujP
60caUCqYFRMppP4+usrrQML/Bkg4/RMHzpt4qH2h2XlJNdk/cfYLyrZbXfeS5t0/
PWs3MugDV91v9M+6kh11FALAN/xhZHZPaCSadh7EYwyWC6cjZWYcz2dqqwnl4PWZ
i0BdYHmAFy9cjiiPuQwGt8p3tg7LUcRtaqLG56aqy/lzgiCka9fFfw==
=1PlI
-----END PGP SIGNATURE-----
More information about the dovecot
mailing list