Hi
I am trying to achieve the following functionality
"usera" can't login because his account is set non active. there is a deny query that checks this.
a master user ("masteruser") should be able login using "usera*masteruser" syntax to this disabled account
I just tried it with auth_debug set on, but the deny query is being run for usera, presumably because my master definition is
passdb { driver = sql master = yes args = /etc/dovecot/sqlite-master.conf
# Unless you're using PAM, you probably still want the destination user to # be looked up from passdb that it really exists. pass=yes does that. pass = yes }
with pass=yes, and that causes usera to be validated through both the deny and accept phase of authorisation.
In the password_query defined in sqlite-master.conf I user '%u' to locate my master user. Is there any variable I could use to (in that query) to also check that "usera" exists? I could then remove the pass = yes, both to avoid two more queries and to avoid the trap that this account is locked out.
Alternatively some other parameter in the passdb segment above to tell the other login to miss the deny stage.