[Dovecot] dovecot and ldap passwords.

Gábor Lénárt lgb at lgb.hu
Fri Nov 17 11:11:53 UTC 2006

On Fri, Nov 17, 2006 at 11:10:44AM +0100, Mauro Sanna wrote:
> The problem in the crypt scheme is that I can't have passwords more than
> 8 characters long.
> So I've tried to change the type of the ldap passwords in SSHA or SMD5,
> but in this way the users can't authenticate yourselfs.
> Dovecot doesn't understand SSHA or SMD5?

As far as I understand, this is a good candidate to use auth binds. If you
do this, dovecot even need not know ANYTHING about passwords in LDAP, since
the pwd verification is done by trying to BIND to the DN of the user with
the given password, so the only component need to know about password and
password scheme is the LDAP server itself. You have may have got no
privilege to see userpassword attribute ...

However you'll got problems if you use some kind of advanced authentication
with IMAP/POP3 which does not send clear text passwords which are sutiable
to use as password to bind to LDAP ?

- Gábor

More information about the dovecot mailing list