diff options
Diffstat (limited to 'doc/wiki/UserDatabase.Prefetch.txt')
| -rw-r--r-- | doc/wiki/UserDatabase.Prefetch.txt | 87 |
1 files changed, 87 insertions, 0 deletions
diff --git a/doc/wiki/UserDatabase.Prefetch.txt b/doc/wiki/UserDatabase.Prefetch.txt new file mode 100644 index 0000000..715b8bc --- /dev/null +++ b/doc/wiki/UserDatabase.Prefetch.txt @@ -0,0 +1,87 @@ +Prefetch User Database +====================== + +Prefetch userdb can be used to combine passdb and userdb lookups into a single +lookup. It's usually used with <SQL> [AuthDatabase.SQL.txt], <LDAP> +[AuthDatabase.LDAP.txt] and <checkpassword> +[PasswordDatabase.CheckPassword.txt] passdbs. + +Prefetch basically works by requiring that the passdb returns the userdb +information in <extra fields> [PasswordDatabase.ExtraFields.txt] with 'userdb_' +prefixes. For example if a userdb typically returns 'uid', 'gid' and 'home' +fields, the passdb would have to return 'userdb_uid', 'userdb_gid' and +'userdb_home' fields. + +If you're using <LDA.txt> or <LMTP.txt>, you still need a valid userdb which +can be used to locate the users. You can do this by adding a normal SQL/LDAP +userdb *after the userdb prefetch*. The order of definitions is significant. +See below for examples. + +LDAP: 'auth_bind=yes' with 'auth_bind_userdn'-template is incompatible with +prefetch, because no passdb lookup is done then. If you want zero LDAP lookups, +you might want to use <static userdb> [UserDatabase.Static.txt] instead of +prefetch. + +SQL example +----------- + +'dovecot.conf': + +---%<------------------------------------------------------------------------- +passdb { + driver = sql + args = /etc/dovecot/dovecot-sql.conf.ext +} +userdb { + driver = prefetch +} +# The userdb below is used only by lda. +userdb { + driver = sql + args = /etc/dovecot/dovecot-sql.conf.ext +} +---%<------------------------------------------------------------------------- + +'dovecot-sql.conf.ext': + +---%<------------------------------------------------------------------------- +password_query = SELECT userid AS user, password, \ + home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \ + FROM users \ + WHERE userid = '%u' + +# For LDA: +user_query = SELECT home, uid, gid FROM users WHERE userid = '%u' +---%<------------------------------------------------------------------------- + +LDAP example +------------ + +'dovecot.conf': + +---%<------------------------------------------------------------------------- +passdb { + driver = ldap + args = /etc/dovecot/dovecot-ldap.conf.ext +} +userdb { + driver = prefetch +} +# The userdb below is used only by LDA. +userdb { + driver = ldap + args = /etc/dovecot/dovecot-ldap.conf.ext +} +---%<------------------------------------------------------------------------- + +'dovecot-ldap.conf.ext': + +---%<------------------------------------------------------------------------- +pass_attrs = uid=user, userPassword=password, \ + homeDirectory=userdb_home, uidNumber=userdb_uid, gidNumber=userdb_gid + +# For LDA: +user_attrs = homeDirectory=home, uidNumber=uid, gidNumber=gid +---%<------------------------------------------------------------------------- + +(This file was created from the wiki on 2019-06-19 12:42) |