[Dovecot] How to use Master Users.
Adam M. Dunn
adunn at hgsc.bcm.tmc.edu
Mon Apr 3 23:59:06 EEST 2006
I got it to work! I'll explain how in case anyone else is interested:
First, the documentation is wrong about the username format. The config
file documentation said <username><separator><master username>, but I had
to reverse that to <master username><separator><username>.
Second, I had some extra passdb lines that worked before, but once I
turned on master=yes, they broke Dovecot. Before, right after my LDAP
passdb line, I had:
  passdb passwd {
  }
  passdb shadow {
  }
  userdb passwd {
  }
...because I wanted to first check LDAP, and if a user wasn't found, check
the local system users as well. But I think the problem was I have the
system set up to use LDAP nameservices as well, so maybe it was complaining
about me having two LDAP queries? I don't know. It used to work fine
until I threw in the master user option. So, I replaced the above with:
  passdb passwd-file {
    args = /etc/shadow
  }
  userdb passwd-file {
    args = /etc/passwd
  }
...and everything worked. That's probably better anyway. The above still
loads my local user accounts, after first checking LDAP, and allows master
users.
# telnet localhost imap
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK IMAP server ready.
1 login testuser*realuser "testpass"
1 OK Logged in.
~Adam
On Mon, 3 Apr 2006, Adam M. Dunn wrote:
>
> Hi.
> I'm testing out the new 'master users' feature, and I'm not having any
> luck getting it to work. Anyone out there using it yet?
>
>
> Here's what I have so far:
>
> dovecot.conf:
> ------------
>
> auth_master_user_separator = *
>
> auth default {
>
> passdb passwd-file {
> # Master users that can login as anyone else
> args = /etc/dovecot/dovecot.masterusers
> master = yes
> pass = yes
> }
>
> # LDAP database
> passdb ldap {
> args = /etc/dovecot/dovecot-ldap.conf
> }
>
> ...
> ...
> }
>
>
> dovecot.masterusers:
> -------------------
> testuser:{plain}testpass
>
>
>
> # telnet localhost imap
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> * OK IMAP server ready.
> 1 login realuser*testuser "testpass"
> 1 NO Authentication failed.
>
>
>
> As you can see I get authentication failed. The log shows it fails for
> the 'realuser' that exists in ldap. Any ideas out there? I have the
> 'testuser' also set up in /etc/passwd.
>
>
>
> Thanks
> Adam
>
>
>
>
>
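Added example, not part of the original post or of Dovecot: since a master user can log in as anyone else, the sketch below audits a master-users passwd-file like the dovecot.masterusers shown above for plaintext or empty password fields and for group/other file access. It assumes the user:password layout with an optional {SCHEME} prefix; the function names and the backupadmin and helpdesk entries are constructed for illustration.

```python
import os
import re
import stat
import tempfile

# Schemes that store the password itself rather than a hash of it.
PLAINTEXT_SCHEMES = {"PLAIN", "CLEARTEXT"}
SCHEME_RE = re.compile(r"^\{([^}]+)\}")


def audit_master_users(path):
    """Return (line_number, user, finding) tuples; line 0 means the file itself."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append((0, "-", "file mode %04o allows group/other access" % mode))
    with open(path, encoding="utf-8") as fh:
        for lineno, raw in enumerate(fh, 1):
            line = raw.strip()
            if not line or line.startswith("#"):
                continue
            user, password = (line.split(":") + [""])[:2]
            m = SCHEME_RE.match(password)
            if not password:
                findings.append((lineno, user, "empty password field"))
            elif m is None:
                findings.append((lineno, user, "no {SCHEME} prefix; default scheme applies"))
            elif m.group(1).split(".")[0].upper() in PLAINTEXT_SCHEMES:
                findings.append((lineno, user, "password stored in plaintext"))
    return findings


def write_sample(mode=0o644):
    """Write a constructed sample file; only the first entry is from the post."""
    sample = (
        "testuser:{plain}testpass\n"
        "backupadmin:{SHA512-CRYPT}$6$placeholder$placeholder\n"
        "helpdesk:\n"
    )
    fd, path = tempfile.mkstemp(suffix=".masterusers")
    with os.fdopen(fd, "w") as fh:
        fh.write(sample)
    os.chmod(path, mode)
    return path


if __name__ == "__main__":
    for finding in audit_master_users(write_sample()):
        print(finding)
```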