Hi,
Frank Richter wrote:
> we have configured a plain authenticator with PAM:
>
> plain:
> driver = plaintext
> public_name = PLAIN
> server_prompts = :
> # seehttp://exim.org/exim-html-current/doc/html/spec_html/ch-string_expansions.html - pam{...
> server_condition = ${if pam{$auth2:${sg{$auth3}{:}{::}}}{yes}{no}}
> server_set_id = $auth2
>
> A user "tester" with a password starting with a colon can't authenticate:
>
> pam_krb5[10327]: authentication fails for 'tester:' ...
> ---^
>
> Is there a workaround for users with :passwords?
We use radius instead of pam and having the same problem. Maybe you can use
a similar solution. We changed the list separator into '|' which is
a character not allowed in your password policy:
server_condition = ${if radius{<| $auth2|$auth3}{yes}{no}}
Heiko
Heiko Schlichting Freie Universität Berlin
heiko.schlichting@??? Zentraleinrichtung für Datenverarbeitung
Telefon +49 30 838-54327 Fabeckstraße 32
Telefax +49 30 838454327 14195 Berlin
