commit | author | age
|
6cc49f
|
1 |
# This file is opened as root, so it should be owned by root and mode 0600. |
T |
2 |
# |
|
3 |
# http://wiki.dovecot.org/AuthDatabase/SQL |
|
4 |
# |
|
5 |
# For the sql passdb module, you'll need a database with a table that |
|
6 |
# contains fields for at least the userid and password. If you want to |
|
7 |
# use the user@domain syntax, you might want to have a separate domain |
|
8 |
# field as well. |
|
9 |
# |
|
10 |
# If your users all have the same uig/gid, and have predictable home |
|
11 |
# directories, you can use the static userdb module to generate the home |
|
12 |
# dir based on the userid and domain. In this case, you won't need fields |
|
13 |
# for home, uid, or gid in the database. |
|
14 |
# |
|
15 |
# If you prefer to use the sql userdb module, you'll want to add fields |
|
16 |
# for home, uid, and gid. Here is an example table: |
|
17 |
# |
|
18 |
# CREATE TABLE users ( |
|
19 |
# userid VARCHAR(128) NOT NULL, |
|
20 |
# password VARCHAR(64) NOT NULL, |
|
21 |
# home VARCHAR(255) NOT NULL, |
|
22 |
# uid INTEGER NOT NULL, |
|
23 |
# gid INTEGER NOT NULL, |
|
24 |
# active CHAR(1) DEFAULT 'Y' NOT NULL |
|
25 |
# ); |
|
26 |
|
|
27 |
# Database driver: mysql, pgsql, sqlite |
|
28 |
#driver = |
|
29 |
|
|
30 |
# Database connection string. This is driver-specific setting. |
|
31 |
# |
|
32 |
# pgsql: |
|
33 |
# For available options, see the PostgreSQL documention for the |
|
34 |
# PQconnectdb function of libpq. |
|
35 |
# |
|
36 |
# mysql: |
|
37 |
# Basic options emulate PostgreSQL option names: |
|
38 |
# host, port, user, password, dbname |
|
39 |
# |
|
40 |
# But also adds some new settings: |
|
41 |
# client_flags - See MySQL manual |
|
42 |
# ssl_ca, ssl_ca_path - Set either one or both to enable SSL |
|
43 |
# ssl_cert, ssl_key - For sending client-side certificates to server |
|
44 |
# ssl_cipher - Set minimum allowed cipher security (default: HIGH) |
|
45 |
# |
|
46 |
# You can connect to UNIX sockets by using host: host=/var/run/mysqld/mysqld.sock |
|
47 |
# Note that currently you can't use spaces in parameters. |
|
48 |
# |
|
49 |
# sqlite: |
|
50 |
# The path to the database file. |
|
51 |
# |
|
52 |
# Examples: |
|
53 |
# connect = host=192.168.1.1 dbname=users |
|
54 |
# connect = host=sql.example.com dbname=virtual user=virtual password=blarg |
|
55 |
# connect = /etc/dovecot/authdb.sqlite |
|
56 |
# |
|
57 |
#connect = dbname=virtual user=virtual |
|
58 |
|
|
59 |
# Default password scheme. |
|
60 |
# |
|
61 |
# List of supported schemes is in |
|
62 |
# http://wiki.dovecot.org/Authentication/PasswordSchemes |
|
63 |
# |
|
64 |
#default_pass_scheme = PLAIN-MD5 |
|
65 |
|
|
66 |
# Query to retrieve the password. |
|
67 |
# |
|
68 |
# This query must return only one row with "user" and "password" columns. |
|
69 |
# The query can also return other fields which have a special meaning, see |
|
70 |
# http://wiki.dovecot.org/PasswordDatabase/ExtraFields |
|
71 |
# |
|
72 |
# The "user" column is needed to make sure the username gets used with exactly |
|
73 |
# the same casing as it's in the database. Note that if you store username and |
|
74 |
# domain in separate fields, you most likely want to return a combination of |
|
75 |
# them as the "user" column, otherwise the domain gets stripped. |
|
76 |
# |
|
77 |
# Commonly used available substitutions (see |
|
78 |
# http://wiki.dovecot.org/Variables for full list): |
|
79 |
# %u = entire userid |
|
80 |
# %n = user part of user@domain |
|
81 |
# %d = domain part of user@domain |
|
82 |
# |
|
83 |
# Note that these can be used only as input to SQL query. If the query outputs |
|
84 |
# any of these substitutions, they're not touched. Otherwise it would be |
|
85 |
# difficult to have eg. usernames containing '%' characters. |
|
86 |
# |
|
87 |
# Example: |
|
88 |
# password_query = SELECT concat(userid, '@', domain) AS user, password FROM users WHERE userid = '%n' AND domain = '%d' |
|
89 |
# password_query = SELECT pw AS password FROM users WHERE userid = '%u' AND active = 'Y' |
|
90 |
# |
|
91 |
#password_query = SELECT userid as user, password FROM users WHERE userid = '%u' |
|
92 |
|
|
93 |
# Query to retrieve the user information. |
|
94 |
# |
|
95 |
# The query must return only one row. Commonly returned columns are: |
|
96 |
# uid - System UID |
|
97 |
# gid - System GID |
|
98 |
# home - Home directory |
|
99 |
# mail - Mail location |
|
100 |
# |
|
101 |
# Either home or mail is required. uid and gid are required. If more than one |
|
102 |
# row is returned or there are missing fields, the login will fail. For a list |
|
103 |
# of all fields that can be returned, see |
|
104 |
# http://wiki.dovecot.org/UserDatabase/ExtraFields |
|
105 |
# |
|
106 |
# Examples |
|
107 |
# user_query = SELECT home, uid, gid FROM users WHERE userid = '%n' AND domain = '%d' |
|
108 |
# user_query = SELECT dir AS home, user AS uid, group AS gid FROM users where userid = '%u' |
|
109 |
# user_query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%u' |
|
110 |
# |
|
111 |
#user_query = SELECT home, uid, gid FROM users WHERE userid = '%u' |
|
112 |
|
|
113 |
# If you wish to avoid two SQL lookups (passdb + userdb), you can use |
|
114 |
# userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll |
|
115 |
# also have to return userdb fields in password_query prefixed with "userdb_" |
|
116 |
# string. For example: |
|
117 |
#password_query = SELECT userid as user, password, home as userdb_home, uid as userdb_uid, gid as userdb_gid FROM users WHERE userid = '%u' |
|
118 |
|
|
119 |
driver = mysql |
82e9b9
|
120 |
connect = host={mysql_server_host} dbname={mysql_server_database} user={mysql_server_ispconfig_user} password={mysql_server_ispconfig_password} port={mysql_server_port} |
6cc49f
|
121 |
default_pass_scheme = CRYPT |
T |
122 |
|
03b633
|
123 |
# password-query with prefetch |
f339eb
|
124 |
password_query = SELECT email as user, password, maildir as userdb_home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as userdb_mail, uid as userdb_uid, gid as userdb_gid, CONCAT('*:storage=', quota, 'B') AS userdb_quota_rule, CONCAT(maildir, '/.sieve') as userdb_sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}' |
D |
125 |
user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as mail, uid, gid, CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}' |
6cc49f
|
126 |
|
bfcdef
|
127 |
# The iterate_query is required for the doveadm command only and works only on dovecot 2 servers. |
T |
128 |
# Do not enable it on Dovecot 1.x servers |
|
129 |
# iterate_query = SELECT email as user FROM mail_user |
6cc49f
|
130 |
|