This documentation is for Dovecot v2.x, see wiki1 for v1.x documentation.
Differences between revisions 6 and 8 (spanning 2 versions)
Revision 6 as of 2005-01-08 23:20:55
Size: 881
Editor: talvi
Comment:
Revision 8 as of 2006-08-16 12:00:44
Size: 832
Editor: TimoSirainen
Comment:
Deletions are marked like this. Additions are marked like this.
Line 3: Line 3:
Dovecot 1.0-tests support defining multiple authentication databases, so that if password doesn't match in the first database, it checks the next one. This can be useful if you want to easily support having both local system users in /etc/passwd but also virtual users. This isn't possible in 0.99 releases. Dovecot supports defining multiple authentication databases, so that if the password doesn't match in the first database, it checks the next one. This can be useful if you want to easily support having both local system users in /etc/passwd and virtual users.
Line 10: Line 10:
auth local { auth default {
Line 12: Line 12:
  userdb = passwd
  passdb = pam
  user = root
}
Line 17: Line 13:
auth virtual {
  mechanisms = plain
  userdb = pgsql /etc/dovecot-pgsql.conf
  passdb = pgsql /etc/dovecot-pgsql.conf
  user = dovecot-auth
  # try to authenticate using SQL database first
  passdb sql {
    args = /etc/dovecot-sql.conf
  }
  # fallback to PAM
  passdb pam {
  }

  # look up users from SQL first (even if authentication was done using PAM!)
  userdb sql {
    args = /etc/dovecot-sql.conf
  }
  # if not found, fallback to /etc/passwd
  userdb passwd {
  }
Line 24: Line 30:

You should make sure that the same user doesn't exist in multiple password databases. The order in which the authentications are done isn't guaranteed.

Multiple Authentication Databases

Dovecot supports defining multiple authentication databases, so that if the password doesn't match in the first database, it checks the next one. This can be useful if you want to easily support having both local system users in /etc/passwd and virtual users.

Currently the fallbacking works only with PLAIN authentication mechanism.

This can be configured in the following way:

auth default {
  mechanisms = plain

  # try to authenticate using SQL database first
  passdb sql {
    args = /etc/dovecot-sql.conf
  }
  # fallback to PAM
  passdb pam {
  }

  # look up users from SQL first (even if authentication was done using PAM!)
  userdb sql {
    args = /etc/dovecot-sql.conf
  }
  # if not found, fallback to /etc/passwd
  userdb passwd {
  }
}

None: Authentication/MultipleDatabases (last edited 2019-09-11 14:00:18 by MichaelSlusarz)