5 Aug
2020
5 Aug
'20
12:35 a.m.
On Tue, 4 Aug 2020, Kishore Potnuru wrote:
So, both password files (master and regular user credentials) have the same contents in this scenario, correct?
No.
Master users are administrative users you allow to authenticate as another account without having to know their password. If the master account is "master", and the user account is "xyz", then an administrator can access xyz's mail by authenticating as
username: xyz*master
password: password for masterThis would allow, for example, to migrate all users via the IMAPC mechanism without having to know all their passwords.
By making both master and passdb's the same, you allow anyone to access anybody else's account e.g. "xyz" can access account for "abc" by using their password with user "abc*xyz".
Joseph Tam jtam.home@gmail.com