> ---- SNIP ----
> login:
> driver = plaintext
> public_name = LOGIN
> server_prompts = "Username:: : Password::"
> server_condition = "${if eq{$2} \
> {${lookup mysql{SELECT password FROM mailusers WHERE
> username='${local_part:$1}' \
> and domain='${domain:$1}'}}}{yes}{no}}"
> server_set_id = $1
> ---- END ----
>
> ---- CODE ----
>
> login:
> driver = plaintext
> public_name = LOGIN
> server_prompts = "Username:: : Password::"
> server_condition = "${if and {{!eq{$2}{}}{eq{$2} \
> {${lookup mysql{SELECT password FROM mailusers WHERE
> username='${local_part:$1}' \
> and domain='${domain:$1}'}}}}}{yes}{no}}"
> server_set_id = $1
>
> ---- END CODE ----
I'm using the first one but there's a difference which causes the problem you
described to fail.
server_condition = ${if eq{$2}{${lookup mysql{select ...}\
{${if !eq{$value}{}{$value}fail}}\
fail\
}\
}\
{yes}{no}}
I did it this way for 2 reasons.
1) if user *DOES* exist but has no password, fail (line 2)
2) if user does not exist, fail. (line 3)
I can remove the ${if !eq{$value}{}{$value}fail} and replace it with $value
instead but any user w/o a password will authenticate however non-existant
users will never authenticate.
--
Lab tests show that use of micro$oft causes cancer in lab animals
