[Dovecot] Master user and proxying
Hello list,
Still need your help configuring proxy infrastructure.
Today, I really struggle configuring master passwords forwarding.
What I want:
master user can connect to any other account, on proxy.
Could please somebody help me, I read both articles about this on wiki, but still can't connect :(
What I did:
on proxy:
auth_master_user_separator=*
passdb sql { args = /usr/local/dovecot/etc/dovecot-master.conf master = yes pass = yes }
--
dovecot-master.conf: (...)
default_pass_scheme = CRYPT
password_query = SELECT password FROM master_users WHERE username= '%u' AND status = 'ok'
on destination server:
auth_master_user_separator=*
passdb sql { args = /usr/local/etc/dovecot-master.conf master = yes pass = yes }
default_pass_scheme = CRYPT
password_query = SELECT password FROM master_users WHERE username= '%u' AND status = 'ok'
I also tried on proxy:
password_query = SELECT NULL AS password, host, 'Y' AS nologin, 'Y' AS nodelay, 'Y' AS nopassword, 'Y' AS proxy,'%u' as user ,'%u*pierre' as destuser, '123' as pass FROM proxy WHERE domain = '%d'
instead of
password_query = SELECT NULL AS password, host, 'Y' AS nologin, 'Y' AS nodelay, 'Y' AS nopassword, 'Y' AS proxy,'%u' as user FROM proxy WHERE domain = '%d'
it did not work :(
LOGS:
on destination server:
[ID 583609 mail.info] auth(default): cache(pierre,127.0.0.1,master): expired [ID 583609 mail.info] auth-worker(default): sql(pierre,127.0.0.1): query: SELECT password FROM master_users WHERE username= 'pierre' AND status = 'ok' [ID 583609 mail.info] auth(default): passdb(pierre,127.0.0.1,master): Master user logging in as account@test.fr*pierre [ID 583609 mail.info] auth(default): cache(account@test.fr*pierre,127.0.0.1): miss [ID 583609 mail.info] auth-worker(default): sql(account@test.fr*pierre,127.0.0.1): query: SELECT CONCAT(pw_name, '@', pw_domain) AS user, pw_passwd AS password FROM vpopmail WHERE pw_name = 'julien' AND pw_domain = 'demarey.fr*pierre' [ID 583609 mail.info] auth-worker(default): sql(account@test.fr*pierre,127.0.0.1): unknown user [ID 583609 mail.info] auth(default): new auth connection: pid=8162 [ID 583609 mail.info] auth(default): client out: FAIL 1 user=account@test.fr*pierre authz
on proxy:
auth(default): client in: AUTH 2 PLAIN service=imap secured lip=127.0.0.1 rip=127.0.0.1 lport=143 rport=39978 resp= auth(default): cache(pierre,127.0.0.1,master): hit: user=pierre auth(default): passdb(pierre,127.0.0.1,master): Master user logging in as account@test.fr
auth(default): cache(account@test.fr,127.0.0.1): miss
auth-worker(default): sql(account@test.fr,127.0.0.1): query: SELECT NULL AS password, host, 'Y' AS nologin, 'Y' AS nodelay, 'Y' AS nopassword, 'Y' AS proxy,'account@test.fr' as user ,'account@test.fr*pierre' as destuser, '123' as pass FROM proxy WHERE domain = 'demarey.fr' auth(default): client out: OK 2 user=account@test.fr host=10.0.44.20 nologin proxy destuser=account@test.fr*pierre pass= master=pierre imap-login: proxy(account@test.fr): Login failed to 10.0.44.20:143/account@test.fr*pierre (master pierre): [AUTHORIZATIONFAILED] Authorization failed [ID 583609 mail.info] imap-login: Disconnected (auth failed, 1 attempts): user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
both use dovecot version 1.2.9
[ID 583609 mail.info] auth(default): passdb(pierre,127.0.0.1,master): Master user logging in as account@test.fr*pierre
sounds like your proxy tries to login to destination as account@test.fr*pierre*pierre . Which of those two sql statements did u use for this log? "'%u*pierre' as destuser" or "'%u' as destuser" ? What does the other setting tell you in the destination log?
participants (2)
-
BaQs
-
Oli Schacher