Will %{original_username} set %d as well?
Sent from my Sprint Samsung Galaxy S8+. -------- Original message --------From: Aki Tuomi aki.tuomi@dovecot.fi Date: 7/13/17 12:34 AM (GMT-06:00) To: Dovecot List dovecot@dovecot.org, Larry Rosenman larryrtx@gmail.com Subject: Re: System users lookup via PAM: strip the domain name?
On July 13, 2017 at 4:27 AM Larry Rosenman larryrtx@gmail.com wrote:
I have a need for the following:
Real system users in /etc/{passwd,shadow} (actually PAM on FreeBSD) wirhOUT @domain in /etc/passwd
Virtual Users in SQL (with full user@domain in the DB)
When I have auth_username_format = %Ln I can’t auth the Virtual Users, and if I have auth_username_format = %Lu I can’t auth System users.
Is there a compromise somewhere?
You could try using %{original_username} in SQL.
Or you can try removing the auth_username_format and instead
passdb { driver = sql args = ... } passdb { driver = static args = user=%Ln noauthenticate # you can remove next line if you want to always normalize your usernames skip = authenticated } passdb { driver = pam args = ... skip = authenticated }
Aki