Author Topic: Configuring password plugin with Dovecot and MySQL using Dovecot settings  (Read 3836 times)

Offline jdpond

  • Newbie
  • *
  • Posts: 1
Hadn't seen an update on this recently and spent a couple of hours trying to configure - hopefully this will be useful to someone else.  Updated the following which was installed at:
/var/www/roundcube on an Ubuntu server with current upgrades of all services and tools. YMMV

If you are using a different server, you can probably find a lot of the information you'll need to modify this at:
/etc/dovecot/dovecot-sql.conf.ext (or wherever you dovecot sql extension configuration parameters are)

specific config values you'll want to look for there are:
Code: [Select]
driver = [YourSqlService]
connect = host=[localhost] dbname=[dbname] user=[dbuser] password=[dbpassword]
default_pass_scheme = [encryption schema]
This may be a good time to upgrade your default schema on both Dovecot and roundcube since the default may be MD5, which isn't perhaps the strongest possible.  To see the available encryption schemas:
Code: [Select]
dovecotpw -land here's a description of Password Schemes

You should copy the distribution config to a usable one then edit it

Code: [Select]
cp /var/www/roundcube/plugins/password/ /var/www/roundcube/plugins/password/
vim /var/www/roundcube/plugins/password/

Here were the key connection configurations that needed to be modified (Example here is to use the Dovecot password encryption type SHA512-CRYPT)
Code: [Select]
$config['password_db_dsn'] = 'mysql://[dbuser]:[dbpassword]@localhost/[dbname]';
$config['password_dovecotpw'] = '/usr/bin/doveadm pw';
$config['password_algorithm'] = 'dovecot';
$config['password_dovecotpw_method'] = 'SHA512-CRYPT';
$config['password_dovecotpw_with_method'] = true;
$config['password_query'] = 'UPDATE [dbname].[dbtable] SET [pwdField]=%D WHERE [UserNameField]=%u LIMIT 1';
(bracketed values on right side of equation should be replaced by the values you found in the dovecot configs)

Of course, look at the rest of the config values and modify as desired, but the rest of the connection/encryption could be ignored.  Some you may want to modify could be:
Code: [Select]
$config['password_minimum_length'] = 8;
$config['password_require_nonalpha'] = true;
$config['password_force_save'] = true;
$config['password_force_new_user'] = true;