Hello guys,
Would you be able to help me with this little issue? I bet someone has the same config, so if you can copy-paste it I would very much appreciate it. The main idea is to enable the Dovecot director to authenticate an LDAP user with a plain or encrypted password and send the user to the back-end Dovecot server after the authentication. According to the wiki, it is only possible if we use the master user to communicate with the back-end server.
On the back-end Dovecot server it is working fine: I can log in as a normal user/user_password or as user*masteruser/master_password. The back-end config is:

    auth_master_user_separator = *
    passdb {
      driver = passwd-file
      args = /usr/local/dovecot/etc/dovecot/passwd.masterusers
      master = yes
      pass = yes
    }
    passdb {
      driver = ldap
      args = /usr/local/dovecot/etc/dovecot/dovecot-ldap.conf.ext
    }
    userdb {
      driver = ldap
      args = /usr/local/dovecot/etc/dovecot/dovecot-ldap.conf.ext
    }

Now the front-end: how do I get the director to forward the user to the back-end after authentication on the director? With my director config the user stays on the director all the time:

    passdb {
      driver = static
      args = proxy=y master=masteruser pass=master_password destuser=%u*masteruser
    }
    passdb {
      driver = ldap
      args = /usr/local/dovecot/etc/dovecot/dovecot-ldap.conf.ext
    }
    userdb {
      driver = ldap
      args = /usr/local/dovecot/etc/dovecot/dovecot-ldap.conf.ext
    }

The only way to forward the user is to set nopassword=y in the args of the static passdb, but in that case the user will be authenticated on the back-end but not on the director... What am I missing? Please help me.
Best Regards, Alexandr Sabitov