Will %{original_username} set %d as well?
Sent from my Sprint Samsung Galaxy S8+.
-------- Original message --------From: Aki Tuomi <[email protected]> Date:
7/13/17 12:34 AM (GMT-06:00) To: Dovecot List <[email protected]>, Larry
Rosenman <[email protected]> Subject: Re: System users lookup via PAM: strip
the domain name?
> On July 13, 2017 at 4:27 AM Larry Rosenman <[email protected]> wrote:
>
>
> I have a need for the following:
>
> Real system users in /etc/{passwd,shadow} (actually PAM on FreeBSD) wirhOUT
> @domain in /etc/passwd
>
> Virtual Users in SQL (with full user@domain in the DB)
>
>
>
> When I have auth_username_format = %Ln I can’t auth the Virtual Users, and if
> I have auth_username_format = %Lu I can’t auth System users.
>
>
>
> Is there a compromise somewhere?
>
>
You could try using %{original_username} in SQL.
Or you can try removing the auth_username_format and instead
passdb {
driver = sql
args = ...
}
passdb {
driver = static
args = user=%Ln noauthenticate
# you can remove next line if you want to always normalize your usernames
skip = authenticated
}
passdb {
driver = pam
args = ...
skip = authenticated
}
Aki
