Hi all, I am trying to configure dovecot to accept SASL EXTERNAL authentication with a client certificate and no password.
I have tried the following configuration: passdb { driver = ldap # Path for LDAP configuration file, see example-config/dovecot-ldap.conf.ext args = /etc/dovecot/dovecot-ldap-external.conf.ext mechanisms = external default_fields = noauthenticate=y } In the logs I see dovecot correctly negotiate SASL EXTERNAL, but eventually we reach this line and we fail: https://github.com/dovecot/core/blob/34a18f5a79bf7eca58e55aff3e1fe69468292d0f/src/auth/passdb-ldap.c#L184 Which is in turn reached by following this code: https://github.com/dovecot/core/blob/34a18f5a79bf7eca58e55aff3e1fe69468292d0f/src/auth/passdb-ldap.c#L275 In theory, if I understand this correctly, what is missing is a field to say “don’t try check any password”, which field is this supposed to be? “nopassword”? “noauthenticate”? I am happy to patch this, but need some guidance as what the correct approach is. Regards, Graham — _______________________________________________ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org