[Dovecot] Capturing credentials for imap sync
Hi List
All the imap sync apps I could find requires the username /password credentails to be known before a sync occurs. I have Dovecot using ldap acting as a nearline backup mail server to MS Exchange. Every hour imapsync syncs mail between Exchange and Dovecot. This all works fine becuase the users credentials are known, but when new users are added I would like the process to work seemless like this:
The user is added to the Active Directory. The mail client is configured with 2 accounts with identical credentials, one of which is connected to Dovecot. When the new client connects to dovecot, the credentials are captured and stored so that imapsync can use it. This
If there is another way this can be done with dovecot, could I please be enlighten. I have read the doco on migration but I am not quite migrating but more replicating.
Thank you
On 1/25/08, Master Abi master@lavacoms.com wrote:
The user is added to the Active Directory. The mail client is configured with 2 accounts with identical credentials, one of which is connected to Dovecot. When the new client connects to dovecot, the credentials are captured and stored so that imapsync can use it. This
Its not entirely clear what Dovecot is authenticating off of when its working as intended. Obviously exchange is working from Active Directory and that is where you are pushing new users manually.
If Dovecot has its own LDAP server, that could potentially be trained to fall back or sync to AD. Or a perl script could be croned to kick before your imapsync to do this chore (as well as alter and maintain users)
You have Outlook clients setup with both Exchange and IMAP accounts to duplicates of the same mail content? How are you rolling out the Outlook account changes in the actual client? Some sort of desktop management tool or manual visits to the desktop?
If your want to thieve passwords from Dovecot login attempts there would be potential in wrapping the imap binary as mentioned in the wiki and doing the above perl script in a targeted fashion (being mindful for DOS issues and what not) I would think.
look head in imap-auth for user in memcache or ldap ? proceed to imap : sync user quick from AD imap-dovecot
-- Gabriel Millerd
On Sat, 2008-01-26 at 07:54 +1100, Master Abi wrote:
Hi List
All the imap sync apps I could find requires the username /password credentails to be known before a sync occurs. I have Dovecot using ldap acting as a nearline backup mail server to MS Exchange. Every hour imapsync syncs mail between Exchange and Dovecot. This all works fine becuase the users credentials are known, but when new users are added I would like the process to work seemless like this:
How about using master users instead? http://wiki.dovecot.org/Authentication/MasterUsers
You can also limit them to be allowed only from specific IPs: http://wiki.dovecot.org/PasswordDatabase/ExtraFields/AllowNets
participants (3)
-
Gabriel Millerd
-
Master Abi
-
Timo Sirainen