On Wed, 2012-06-27 at 19:08 -0700, Joseph Tam wrote: > > I dont known about Angel, but for me is useful because sometimes i need to > > deactivate smtp/imap/pop access from accounts, or change their home after > > storage migration, and removing a specific record i can use a long time > > cache. > > I'm not sure that the auth cache holds that information,
userdb lookups are also cached. > but I think you > can at least invalidate a particular auth cache entry by > > 1) Changing the user password (and save the previous hash) > 2) Authenticate using the new credentials (and invalidate > the auth cache entry). For example, you can just > do a manual connection on your dovecot server > > x login someuser newpassword > > This will replace the cache entry with a new one. > > 3) When you are ready to put the account back online, change the > password back to the original. A password mismatch forces > a resync to your authentication system which will restore > the auth cache. This works for passdb cache, but not for userdb cache. It would be possible to add a doveadm command for this.. I think the main reason why I already didn't do it last time I was asked this was because I wanted to use "doveadm auth cache flush" or something similar as the command, but there already exists "doveadm auth" command and "cache flush" would be treated as username=cache password=flush :( Anyone have thoughts on a better doveadm command name? Or should I just break it and have v2.2 use "doveadm auth check" or something for the old "doveadm auth" command?
