On Wed, 2012-06-27 at 19:08 -0700, Joseph Tam wrote:
I dont known about Angel, but for me is useful because sometimes i need to deactivate smtp/imap/pop access from accounts, or change their home after storage migration, and removing a specific record i can use a long time cache.
I'm not sure that the auth cache holds that information,
userdb lookups are also cached.
but I think you can at least invalidate a particular auth cache entry by
Changing the user password (and save the previous hash)
Authenticate using the new credentials (and invalidate the auth cache entry). For example, you can just do a manual connection on your dovecot server
x login someuser newpasswordThis will replace the cache entry with a new one.
When you are ready to put the account back online, change the password back to the original. A password mismatch forces a resync to your authentication system which will restore the auth cache.
This works for passdb cache, but not for userdb cache.
It would be possible to add a doveadm command for this.. I think the main reason why I already didn't do it last time I was asked this was because I wanted to use "doveadm auth cache flush" or something similar as the command, but there already exists "doveadm auth" command and "cache flush" would be treated as username=cache password=flush :(
Anyone have thoughts on a better doveadm command name? Or should I just break it and have v2.2 use "doveadm auth check" or something for the old "doveadm auth" command?