On Mon, Jul 08, 2024 at 08:39:54AM +0200, Patrick Ben Koetter via Postfix-users
wrote:
> > I want to setup SMTP authentication in such a way that the user
> > should first be looked locally (/etc/passwd) and then in AD. Is it
> > possible to do so? I was able to configure AD auth via sasl (cyrus),
> > but couldn't do both.
>
> Cyrus SASL is able to use saslauthd in order to authenticate users in
> /etc/passwd.
If saslauthd is configured to use "pam" authentication ("saslauthd -a pam"),
then it should be possible to create a PAM config that uses either
"pam_unix" or "pam_ldap" in that order. Something like:
/etc/pam.d/smtp
auth sufficient pam_unix.so
auth requisite pam_ldap.so use_first_pass
...
with much additional configuration needed for pam_ldap.
--
Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
