Again, this doesn't help with doveadm running as the local user, and also doesn't help with the PAM authentication.
passdb { driver = pam #[session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=20] #[cache_key=<key>] [<service name>] args = failure_show_msg=yes session=yes max_requests=20 skip = authenticated }
How can I default the domain for PAM authentication? (I've set auth_default_realm and it doesn't help in this case).
# System users (NSS, /etc/passwd, or similiar). In many systems nowadays this # uses Name Service Switch, which is configured in /etc/nsswitch.conf. userdb { # <doc/wiki/AuthDatabase.Passwd.txt> driver = passwd-file # [blocking=no] args = username_format=%Ln /etc/passwd #override_fields = user=%Ln /etc #name = %Ln
# Override fields from passwd #override_fields = home=/home/virtual/%u #skip = found }
On Mon, Apr 15, 2019 at 6:31 AM John Fawcett via dovecot < dovecot@dovecot.org> wrote:
On 15/04/2019 12:59, Larry Rosenman via dovecot wrote:
forgot to reply all.
---------- Forwarded message --------- From: Larry Rosenman <larryrtx@gmail.com> Date: Mon, Apr 15, 2019 at 5:58 AM Subject: Re: SOLR/Index? To: John Fawcett <john@voipsupport.it>
the local users (myself, my wife, a friend) can authenticate EITHER as <username> or <username>@lerctr.org.
switching to all virtual users is NOT going to happen.
If I login to roundcube with <user>@lerctr.org it finds the autoindexed mail.
So, if I make everyone always authenticate as <user>@lerctr.org we should be fine.
and change my script to do doveadm -u <user>@<domain> instead of depending on the local user running the cron job.
question: Is there some way to have dovecot change what it sees to be <user>@lerctr.org when they login as <user>?
Dovecot is very configurable, but it can also take some time, effort and testing to get the configuration you want. Personally I don't mix user types since it takes out an element of complexity.
For your case you might find it useful to look into auth_default_realm
that can specify a domain name when one is not supplied.
https://wiki2.dovecot.org/DomainLost
Other things that might be useful: there is a method for returning a "user" field from the userdb query or passdb query which will change the username. Or there is another setting that can overriding values of fields returned by the userdb.
https://wiki.dovecot.org/UserDatabase
Hope it helps!
John
-- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 (c) E-Mail: larryrtx@gmail.com US Mail: 5708 Sabbia Dr, Round Rock, TX 78665-2106