Changes between Version 17 and Version 18 of howto/SetupDovecot


Timestamp: Jun 30, 2009, 3:48:12 AM (15 years ago)
Author: macports@…
Comment: Describe using passdb pam and userdb passwd to get full system authentication with dovecot on OS X

  • howto/SetupDovecot

    v17 v18  
    8888Instead of using separate user and password files one can try set-up LDAP as user / password supply.
    8989
     90=== System User Authentication Using PAM and passwd ===
     91
     92OS X supports PAM directly, and this can easily be configured to authenticate system users for dovecot.  In dovecot.conf, use this to turn on PAM based password authentication for all users configured on the system:
     93
     94{{{
     95passdb pam {
     96   args = login
     97}
     98}}}
     99
     100Unfortunately, PAM can't provide any UID, GID, or home directory information for the system users.  dovecot needs a separate "userdb" database to get this information, in order to allow IMAP loging successfully. OS X uses DirectoryServices to store password information, so you can't use "passdb passwd" to do user authentication.  However, you can use "userdb passwd" to retrieve the UID, GID, and home directory after PAM has already authenticated your username/password.  To do this:
     101
     102{{{
     103userdb passwd {
     104   args =
     105}
     106}}}
     107
     108Together, these prevent the need for hardcoded passwd.dovecot and userdb.dovecot files, and don't require any knowledge of LDAP. However, they only support system usernames, and not virtual mailboxes.  I have tested this with IMAP and the dovecot LDA (deliver) successfully.
     109
     110
    90111[wiki:howto <- Back to the HOWTO section]
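
Review bot: The `args = login` line in the `passdb pam` block (v18 line 96) reuses the PAM `login` service without saying why, so IMAP authentication silently inherits whatever policy that service carries; suggest either documenting a dedicated PAM service for dovecot or adding a sentence explaining that `login` is chosen on purpose. The paragraph at v18 line 92 says this turns on password authentication "for all users configured on the system", but the section gives no guidance on excluding accounts that should not receive mail logins or on requiring an encrypted connection for these system passwords; a short caveat there would help. The paragraph at v18 line 100 has a typo ("IMAP loging" should read "IMAP login"), and the empty `args =` in the `userdb passwd` block (v18 line 104) should either be dropped or explained. The closing paragraph (v18 line 108) reports testing with IMAP and deliver but not which OS X and dovecot versions, which readers will need to judge whether the recipe applies to them.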