Koozali.org: home of the SME Server

Contribs.org Forums => Koozali SME Server 10.x => Topic started by: ldkeen on July 05, 2025, 08:14:16 AM

Title: IMAP pam Authentication error after unexpected server restart
Post by: ldkeen on July 05, 2025, 08:14:16 AM

Hi,
I'm running Smeserver 10.1 fully up to date. We had a power outage a few days ago and lost Internet connection so someone decided to restart the server. After we appeared to be up and going we started getting reports that all users were unable to login to their (IMAP) email.  I checked via webmail and received the following message:

Login failed because your username or password was entered incorrectly.

I then checked the logfiles and heaps of the following errors:

auth-worker(7702): pam(user,127.0.0.1,<Vwbd2yc5UKJ/AAAB>): pam_authenticate() failed: Authentication failure (password mismatch?)


After many hours of googling and checking files against working installs I found a post detailing how to change authentication from "pam" to "shadow". I modified /etc/dovecot/dovecot.conf and changed the following line:

Code: [Select]

passdb {
  driver = pamto use shadow as such:

Code: [Select]

passdb {
  driver = shadow
followed by:

Code: [Select]

systemctl stop dovecot.service
systemctl start dovecot.service
And now it's working:

imap-login: Login: user=<user>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=9883, secured, session=<ogCHJyg5xqZ/AAAB>

I've tried to reinstall dovecot and smeserver-dovecot but still cant get pam authentication to work. Does anyone have any ideas what might have happened or any other options to try. It's working at the moment but I'd like to put it back to the default pam authentication. I'm worried about the security implications of using "shadow" to authenticate?

Regards, Lloyd

Title: Re: IMAP pam Authentication error after unexpected server restart
Post by: Jean-Philippe Pialasse on July 05, 2025, 02:35:59 PM

check audit log for error issued by pam.

is it for all users or only one?

Title: Re: IMAP pam Authentication error after unexpected server restart
Post by: ldkeen on July 05, 2025, 09:54:21 PM

Hi JP,
This happens for all users, below is the error message when trying to authenticate via webmail but the same error message for all users.

type=USER_AUTH msg=audit(1751745017.566:64160): pid=3875 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:authentication grantors=? acct="user" exe="/usr/libexec/dovecot/auth" hostname=127.0.0.1 addr=127.0.0.1 terminal=dovecot res=failed'