On 2020-09-17 20:20, Ranbir wrote:
This is the pam error:
auth-worker(4474): pam(ranbir,1.2.3.4,<oS10hHmv7qkKyAkP>):
pam_authenticate() failed: Authentication failure (password
mismatch?)
Replying to myself here...
I managed to fix the pam problem once I realized that Roundcube didn't
know what to do with the second factor auth dovecot (namely the pam
module) was presenting to it. I removed the OTP requirement from the ID
that couldn't login. Login still didn't work until I also modified the
user's ldap entry directly to remove an extra attribute (krbExtraData).
Here's the link to the post in the freeipa user list that explains the
OTP removal problem and fix:
https://lists.fedorahosted.org/archives/list/freeipa-us...@lists.fedorahosted.org/thread/EN5TJCEAVH5NMGLOMF5IF2TXVFIDGOQY/
Now the user id is successfully looked up via dovecot and roundcube
logins are working again.
--
Ranbir
