← Revision 30 as of 2019-09-11 14:02:20
|Deletions are marked like this.||Additions are marked like this.|
|Line 1:||Line 1:|
|= Password database extra fields =
The primary purpose of a password database lookup is the return the password for a given user. It may however also return other fields which are treated specially:
* [wiki:PasswordDatabase/ExtraFields/User user]: Change the username (eg. lowercase it).
* [wiki:PasswordDatabase/ExtraFields/AllowNets allow_nets]: Allow user to log in from only specified IPs.
* [wiki:PasswordDatabase/ExtraFields/Proxy proxy]: Proxy the connection to another IMAP/POP3 server.
* [wiki:PasswordDatabase/ExtraFields/Host host]: Send login referral to client.
* [wiki:PasswordDatabase/ExtraFields/NoLogin nologin]: User isn't actually allowed to log in even if the password matches. Typically used with [wiki:PasswordDatabase/ExtraFields/Reason reason].
* [wiki:PasswordDatabase/ExtraFields/Reason reason]: If the authentication fails, show this as the reason for the client.
* [wiki:PasswordDatabase/ExtraFields/NoDelay nodelay]: Don't delay replying to client of the authentication failure.
How to return these extra fields depends on the password database you use. See the [wiki:PasswordDatabase password database] pages how to do it. Some passdbs however don't support returning them at all, such as [wiki:PasswordDatabase/PAM PAM].
The password database may also return fields prefixed with `userdb_`. These fields are only saved and used later as if they came from the [wiki:UserDatabase user database]'s extra fields. Typically this is done only when using [wiki:UserDatabase/Prefetch prefetch userdb].
|Moved to https://doc.dovecot.org/configuration_manual/authentication/password_database_extra_fields/|