[Dovecot] virtual domains with SQL auth + ntlm (winbind) auth for one of them...
Hello!
Is it possible to configure dovecot so it can use SQL authentication for a set of domains, and ntlm authentication for one domain? In other words, I would like to authenticate all users (with user@domain.com as login) in the SQL server, and if not found, then strip @windomain.com from the login and fall back to pam->winbind authentication. So far I have in my dovecot.conf:
auth_default_realm = windomain.com
mechanisms = plain
passdb sql {
  args = /etc/dovecot/dovecot-sql.conf
}
passdb pam {
}
passdb passwd {
}
userdb sql {
  args = /etc/dovecot/dovecot-sql.conf
}
userdb passwd {
}
userdb prefetch {
}

in pam.d/dovecot:
auth    required  pam_nologin.so
auth    include   system-auth-winbind
account include   system-auth-winbind
session include   system-auth-winbind
With this configuration I can authenticate all users for virtual domains with logins user@domain.com - ok, then it falls back to pam - ok, but then it returns an error (winbind uses only "user" or "DOMAIN\user" as login). After I set auth_username_format = %n I get the opposite situation - I can authenticate users with pam, but I can't with SQL (it requires user@domain as the login field). Unfortunately auth_default_realm = windomain.com is a must have (and most of the Windows clients use user@windomain.com as login anyway). Please help, I've been banging my head against the keyboard for 3 days but still have no idea how to do it.
Best regards, Tomek
On Mon, 2009-04-06 at 14:35 +0200, Tomasz Lutelmowski wrote:
Hello !
Is it possible to configure dovecot so it can use SQL authentication for set of domains, and ntlm authentication for one domain? In other words, I would like to authenticate all users (with user@domain.com as login) in SQL server, and if not found, then strip @windomain.com from login and fallback to pam->winbind authentication.
I don't think it's going to work in any easy way. Two ideas:
a) Create a pam plugin that drops the @domain part (maybe there already exists one?)
b) Switch to using passdb checkpassword and have your script do the SQL check, then call PAM with the @domain part dropped.
participants (2)
- Timo Sirainen
- Tomasz Lutelmowski