Sorry for not coming back to you earlier than this.
On Sun, Mar 13, 2011 at 10:35:57PM -0400, Edward Carraro wrote:
Thanks for the reply Dennis
dnf
On Sun, Mar 13, 2011 at 7:19 PM, Dennis Guhl <dg@dguhl.org> wrote:
You should not save the master user's credentials with the mail user credentials. Instead you should use a dedicated userdb and passdb.
For further reference have a look at http://wiki2.dovecot.org/Authentication/MasterUsers.
I created the htpasswd file on the destination server already. Does it also need to be done on the proxy?
What do you mean here? Did you create a file like passwd.masterusers with Apache's htpasswd(1) according to the wiki?
What is your configuration for the master user on the proxy destination?
I don't understand your question. You can either forward plaintext credentials to your backend or authenticate on your proxy and go with the proxy's master user to your backend (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy).
Dennis
I'm trying to authenticate on the proxy and use the master user to connect to the backend, just not sure how that's done.
This makes it a little tricky for me to help you. Since I use dovecot 1.2 with password forwarding and MySQL instead of LDAP I am unable to verify or test my suggestions.
The link for ExtraFields says I need to return: master=s and pass=s
How do I state the user/pass for the master?
I've compiled my proxy with ldap support and created the same master user on the proxy that exists on the destination server.
I can telnet on the proxy still, but now it's just creating user home directories on the proxy, and not going to the backend at all.
My proxy config
# 2.0.11: /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 2.6.26-2-openvz-amd64 i686 Debian 5.0.8
[..]
auth_master_user_separator = *
[..]
passdb {
  args = /usr/local/etc/dovecot/master-users
  driver = passwd-file
  master = yes
  pass = yes
}
You need both of these on your backend.
passdb {
  args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
[..]
userdb {
  args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
In your /usr/local/etc/dovecot/dovecot-ldap.conf.ext you need to query for the user's username and password as always. In conjunction with this you query for the additional fields or give back the static values.
This could be something like this:
pass_attrs=uid=user, userPassword=password, =proxy=y, hostName=host, =master=your_master_username, =pass=your_master_users_password
Dennis