I currently have a fixed user name and password in my authenticators but would
like to also have PAM authentication work too. Currently I have:
begin authenticators
PLAIN:
driver = plaintext
server_set_id = $auth2
server_prompts = :
server_condition = ${if and {{eq{$2}{secret1}}{eq{$3}{secret2}}}
{yes}{no}}
server_advertise_condition = ${if def:tls_cipher }
LOGIN:
driver = plaintext
server_set_id = $auth1
server_prompts = <| Username: | Password:
server_condition = ${if and {{eq{$1}{secret1}}{eq{$2}{secret2}}}
{yes}{no}}
server_advertise_condition = ${if def:tls_cipher }
I tried changing the PLAIN server_condition to
server_condition = ${if or{ \
{and {{eq{$2}{secret1}}{eq{$3}{secret2}}}} \
{pam{$2:$3}} \
}{yes}{no} \
}
However, when I try to use this, I get the following log entries:
2016-05-10 13:08:42 PLAIN authenticator failed for <remote_host> [<ip>]: 535
Incorrect authentication data (set_id=gary)
2016-05-10 13:08:43 LOGIN authenticator failed for <remote_host> [<ip>]: 535
Incorrect authentication data (set_id=gary)
even though the correct user ID and password have been entered and Dovecot
which is also using PAM accepts them for the IMAP side.
One thing that seems odd is the use of $2 and $3 in the server_condition but
$auth2 in the server_set_id
Can anyone give any suggestions as to how to fix this please
