Hello Timo, I just tried the master user feature with a very simple setup (Dovecot v2.2.15) :
!include auth-master.conf.ext -> passwd-file passdb !include auth-ldap.conf.ext -> ldap passdb (userdb prefetched) without auth_bind=yes without pass=yes I get this userdb lookup error : dovecot: auth: passwd-file(masteruser,157.99.64.42,master,<4Pgesh0OygCdY0Aq>): Master user logging in as normaluser dovecot: auth: Error: prefetch(normaluser,157.99.64.42,<4Pgesh0OygCdY0Aq>): userdb lookup not possible with only userdb prefetch dovecot: imap: Error: Internal auth failure (client-pid=10449 client-id=1) dovecot: imap-login: Internal login failure (pid=10449 id=1) (internal failure, 1 successful auths): user=<normaluser>, method=PLAIN, rip=157.99.64.42, lip=157.99.64.81, mpid=10570, TLS, session=<4Pgesh0OygCdY0Aq> with pass=yes, it works. Feb 2 17:51:24 langres dovecot: auth: passwd-file(masteruser,157.99.64.42,master,<YmjAwx0O0gCdY0Aq>): Master user logging in as normaluser Feb 2 17:51:24 langres dovecot: imap-login: Login: user=<normaluser>, method=PLAIN, rip=157.99.64.42, lip=157.99.64.81, mpid=11647, TLS, session=<YmjAwx0O0gCdY0Aq> I dont quite understand why because the documentation states that 'pass=yes' "means that Dovecot verifies that the login user really exists before allowing the master user to log in. Without the setting if a nonexistent login username is given,[...]" Here, 'normaluser' exists in the ldap passdb so, even with pass=no, I'm not supposed to be in the 'nonesxistent login username' case. Can you help ? thanks. -- Thomas Hummel | Institut Pasteur <[email protected]> | Groupe Exploitation et Infrastructure
