authmgr

Name

authmgr — Demultiplexer for authentication requests

Description

authmgr is a service plugin that, for mail account authentication, dynamically selects the authentication backend per user account. The libgxs_mysql_adaptor.so and/or libgxs_ldap_adaptor.so plugins need to be loaded in advance (this is the case by default).

Configuration directives

The usual config file location is /etc/gromox/authmgr.cfg.

auth_backend_selection

This controls how authmgr will verify passwords supplied with login operations. See the "Authentication modes" section below for details.

Available: deny_all, allow_all, ldap, pam

Default: ldap

Authentication modes

• deny_all: every attempt at authentication is rejected. This is at best useful for testing.

• allow_all: every attempt at authentication (provided the user exists) is permitted. This may be handy when doing the initial mass-import of mailboxes via external IMAP-to-IMAP synchronization utilities such as imapsync without needing to know user passwords.

• ldap (old name: externid): authmgr will selectively pick LDAP/MySQL, depending on whether the externid column in the user database has a value or contains just the empty string. The particular value is ignored and only meaningful to the importer.

• pam: authmgr will selectively pick PAM/MySQL. The PAM service name will be "gromox". Be sure that pam_gromox.so is not invoked as part of that PAM service stack, or it will lead to infinite recursion.

See also

gromox(7), ldap_adaptor(4gx), mysql_adaptor(4gx)